Loger's blog site

Loger's blog site,分享编程知识,顺便发发牢骚

0%

beego解决跨域问题:options请求、axios post请求跨域问题

根据网上的资料配置,还是未能解决跨域的问题,错误如下:

1
has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.

网上的配置如下:

1
2
3
4
5
6
beego.InsertFilter("/*", beego.BeforeRouter, cors.Allow(&cors.Options{
AllowAllOrigins: true,
AllowMethods: []string{"*"},
AllowHeaders: []string{"*"},
AllowCredentials: true,
}))

正确的配置(2020-05-10 依然不能完全解决)

1
2
3
4
5
6
beego.InsertFilter("/*", beego.BeforeRouter, cors.Allow(&cors.Options{
AllowOrigins: []string{"*"},
AllowMethods: []string{"*"},
AllowHeaders: []string{"*"},
AllowCredentials: true,
}))

2020-05-10:上面的配置,在碰到options请求的时候,依然还是会提示跨域问题:

1
2
3
Request header field Content-Type is not allowed by Access-Control-Allow-Headers in preflight response

The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.

等等报错。

解决

既然用这些配置没法解决,那就自己撸一个吧。

cors_filter.go

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
var success = []byte("SUPPORT OPTIONS")

var corsFunc = func(ctx *context.Context) {
origin := ctx.Input.Header("Origin")
ctx.Output.Header("Access-Control-Allow-Methods", "OPTIONS,DELETE,POST,GET,PUT,PATCH")
ctx.Output.Header("Access-Control-Max-Age", "3600")
ctx.Output.Header("Access-Control-Allow-Headers", "X-Custom-Header,accept,Content-Type,Access-Token")
ctx.Output.Header("Access-Control-Allow-Credentials", "true")
ctx.Output.Header("Access-Control-Allow-Origin", origin)
if ctx.Input.Method() == http.MethodOptions {
// options请求,返回200
ctx.Output.SetStatus(http.StatusOK)
_ = ctx.Output.Body(success)
}
}

func init() {
beego.InsertFilter("/*", beego.BeforeRouter, corsFunc)
}

加了这个配置之后,跨域总算解决了。