我在后端使用Golang,在后端使用Gin-Gonic/Gin网络框架,在我的前端使用Reaction Axios.我已经试了两天了,但仍然得到以下相同的错误:
CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
仅当我try 发送修补程序请求时才会出现此错误,因此需要印前判断选项请求,但GET和POST的一切工作正常,这两个请求不会运行任何印前判断.
以下是我的路由配置代码:
package main
import (
"book_renting/api"
"log"
"net/http"
"github.com/gin-contrib/sessions"
"github.com/gin-contrib/sessions/cookie"
"github.com/gin-gonic/contrib/cors"
"github.com/gin-gonic/gin"
_ "github.com/lib/pq"
)
func main() {
router := gin.Default()
store := cookie.NewStore([]byte("your-secret-key"))
store.Options(sessions.Options{MaxAge: 60 * 60 * 24})
router.Use(cors.Default())
router.Use(sessions.Sessions("sessions", store))
router.Use(func(c *gin.Context) {
host := c.Request.Header.Get("Origin")
c.Writer.Header().Set("Access-Control-Allow-Origin", host)
c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
c.Writer.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, PATCH, OPTIONS")
if c.Request.Method == "OPTIONS" {
log.Println("Handling OPTIONS request")
c.AbortWithStatus(http.StatusNoContent)
return
}
log.Println("Executing CORS middleware")
c.Next()
})
router.POST("/login", api.HandleLogin)
router.GET("/logout", api.HandleLogout)
router.POST("/register", api.HandleRegister)
router.GET("/getCookie", api.GetCookieSession)
router.GET("/books", api.GetBooksAPI)
router.GET("/books/:id", api.BookByIdAPI)
router.PATCH("/rent/:id", api.RentBookAPI)
router.PATCH("/return/:id", api.ReturnBookAPI)
router.Run("localhost:3000")
}
下面是前端部分:
import axios from 'axios'
const url = 'http://localhost:3000'
export const loginUser = async (credentials) => await axios.post(`${url}/login`, credentials, {withCredentials: true})
export const logoutUser = async () => await axios.get(`${url}/logout`, {withCredentials: true})
export const registerUser = () => axios.post(`${url}/register`)
export const fetchBooks = () => axios.get(`${url}/books`, { withCredentials: true })
export const fetchBookByID = (book_id) => axios.get(`${url}/books/${book_id}`, { withCredentials: true })
export const rentBook = (book_id) => axios.patch(`${url}/rent/${book_id}`, { withCredentials: true })
export const returnBook = (book_id) => axios.patch(`${url}/return/${book_id}`, { withCredentials: true })
我非常确定我正确地设置了后端,它应该返回所有必要的标头.
例如,对于GET请求,响应头如下所示:
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Authorization
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin: http://localhost:3001
Content-Type: application/json; charset=utf-8
Date: Sat, 10 Jun 2023 22:12:11 GMT
Content-Length: 495
而对于修补程序请求try ,我没有任何响应(这并不奇怪),印前判断响应标头为:
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 22:12:12 GMT
Content-Length: 0
你有什么建议可能是这个问题吗?过了这两天,我已经一窍不通了.提前谢谢您!
我还试着把标题放在:
c.Writer.Header().Set("Access-Control-Allow-Origin", host)
c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
c.Writer.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, PATCH, OPTIONS")
...再次在if语句中:
if c.Request.Method == "OPTIONS" {
log.Println("Handling OPTIONS request")
c.AbortWithStatus(http.StatusNoContent)
return
}
但这丝毫没有帮助.事实上,当执行印前判断时,并且我从控制台知道服务器正在执行OPTIONS请求时,不会执行此if语句.
[GIN] 2023/06/11 - 00:12:13 | 200 | 7.708µs | 127.0.0.1 | OPTIONS "/rent/2"
编辑:
下面是发送修补程序请求的curl命令(因此,实际上这里是印前判断选项请求):
curl 'http://localhost:3000/return/2' \
-X 'OPTIONS' \
-H 'Accept: */*' \
-H 'Accept-Language: en-US,en;q=0.9,pl-PL;q=0.8,pl;q=0.7' \
-H 'Access-Control-Request-Headers: content-type' \
-H 'Access-Control-Request-Method: PATCH' \
-H 'Cache-Control: no-cache' \
-H 'Connection: keep-alive' \
-H 'Origin: http://localhost:3001' \
-H 'Pragma: no-cache' \
-H 'Referer: http://localhost:3001/' \
-H 'Sec-Fetch-Dest: empty' \
-H 'Sec-Fetch-Mode: cors' \
-H 'Sec-Fetch-Site: same-site' \
-H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36' \
--compressed
对这一请求的回应是:
HTTP/1.1 200 OK
Date: Sun, 11 Jun 2023 01:22:57 GMT
Content-Length: 0