Comments (14)
If I have to define a route for OPTIONS, it really limits the usefulness of the library.
I wrote a middleware function to do the cors that seems to be working.
To me, when adding a CORS library to an api project I'm expecting that all routes will be covered by the library. Defining an OPTIONS route means I have do that for every single endpoint on the API which typically if I'm supplying a client-facing api, CORS will be required for all routes.
from cors.
Yep that is EXACTLY what was wrong. My feedback here would be:
Since disallowed origins are returned with a 403, I would suggest if Origin is not present to return a 403 by default, and if AllowAllOrigins is enabled, Ignore the Origin header altogether (since a null/undefined origin would be assumed in the "All Origins")
from cors.
I had a typo in the header Orgin: http://localhost
instead of Origin: http://localhost
I was sending, sorry for the noise.
from cors.
You have defined only a route on get?
from cors.
You are right, cors is listening for options requests, but maybe you are running into https://github.com/gin-contrib/cors/blob/master/config.go#L33
from cors.
Thank you though, that was precisely what was wrong
from cors.
Also confused by this issue. When will the server return a 404?
from cors.
+1
from cors.
how ?
from cors.
Guys, I'm really lost!!! How to resolve this issue?
Thanks
from cors.
package main
import (
"github.com/gin-contrib/cors"
"github.com/gin-gonic/gin"
)
func main() {
router := gin.Default()
// same as
// config := cors.DefaultConfig()
// config.AllowAllOrigins = true
// router.Use(cors.New(config))
router.Use(cors.Default())
router.GET("/ping", func(c *gin.Context) {
c.JSON(200, gin.H{
"message": "pong",
})
})
router.Run("0.0.0.0:3000")
}
I receive a 404
with an OPTIONS
request as well.
from cors.
You are right, cors is listening for options requests, but maybe you are running into https://github.com/gin-contrib/cors/blob/master/config.go#L33
what does this mean?
from cors.
Hi Folks,
This appears to still be open, and since I am having the same issue, are there any suggestions to resolving besides writing my own CORS handler (or, I guess, forking and fixing)?
Thanks.
from cors.
Hi Folks,
This appears to still be open, and since I am having the same issue, are there any suggestions to resolving besides writing my own CORS handler (or, I guess, forking and fixing)?
Thanks.
Found this middleware func from stackoverflow:
func CORSMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT")
if c.Request.Method == "OPTIONS" {
c.AbortWithStatus(204)
return
}
c.Next()
}
}
from cors.
Related Issues (20)
- Snyk vulnerability HTTP Response Splitting on older version of github.com/gin-gonic/gin HOT 3
- Shouldn't Be Returning * When Allow-Credentials and Allow-All-Origins are Set to True
- React & React Native Issue
- update README file
- Allow All Headers
- No way to disable caching of CORS-preflight responses
- Users currently cannot allow methods that are not uppercase HOT 1
- Repo documentatoin website (github pages URL) is broken - 404 error HOT 1
- Allow All Origin header not added in the response HOT 8
- Weird Access-Control-Allow-Headers CORS Bug HOT 1
- Register tauri:// scheme (or allow custom schemes upstream?)
- Cors error HOT 2
- error in parseWildcardRules when asterisk at the end HOT 2
- Timing-Allow-Origin support
- CORS not working, even with `cors.Default()` HOT 1
- Feature Proposal: Config.MatchPaths HOT 1
- it doesn't work HOT 11
- I can't use cors.default() to allow all origin haeder. HOT 5
- [Notice] Preflight with no origin will return OPTIONS 404 HOT 1
- CORS error with added header HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cors.