| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849 |
- package middleware
- import (
- "kpt-tmr-group/pkg/logger/zaplog"
- "net/http"
- "go.uber.org/zap"
- "github.com/gin-contrib/cors"
- "github.com/gin-gonic/gin"
- )
- // CORS enable CORS support
- func CORS(configs ...cors.Config) gin.HandlerFunc {
- if len(configs) != 0 {
- return cors.New(configs[0])
- }
- return func(c *gin.Context) {
- method := c.Request.Method
- origin := c.Request.Header.Get("Origin") //请求头部
- if origin != "" {
- //接收客户端发送的origin (重要!)
- c.Writer.Header().Set("Access-Control-Allow-Origin", origin)
- //服务器支持的所有跨域请求的方法
- c.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE,UPDATE")
- //允许跨域设置可以返回其他子段,可以自定义字段
- c.Header("Access-Control-Allow-Headers", "Authorization, Content-Length, X-CSRF-Token, Token,session")
- // 允许浏览器(客户端)可以解析的头部 (重要)
- c.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers")
- //设置缓存时间
- c.Header("Access-Control-Max-Age", "172800")
- //允许客户端传递校验信息比如 cookie (重要)
- c.Header("Access-Control-Allow-Credentials", "true")
- }
- //允许类型校验
- if method == "OPTIONS" {
- c.JSON(http.StatusOK, "ok!")
- }
- defer func() {
- if err := recover(); err != nil {
- zaplog.Error("cors", zap.Any("recover", err))
- }
- }()
- c.Next()
- }
- }
|
