mayiming/hldrCenter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f2eec9be9f34e7c0a3bac9c5d9327169c8c324fe
hldrCenter/server/middleware/cors/cors.go

66 lines
1.9 KiB
Go
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
package cors
import (
"fmt"
"net/http"
"github.com/JACKYMYPERSON/hldrCenter/config"
"github.com/gin-gonic/gin"
)
func CorsMiddleware(serverConfig *config.ServerConfig) gin.HandlerFunc {
return func(c *gin.Context) {
// 1. 打印配置的允许源(调试用)
fmt.Printf("允许的前端源配置:%v\n", serverConfig.AllowedOrigins)
// 2. 获取请求的Origin头
origin := c.Request.Header.Get("Origin")
fmt.Printf("当前请求源:%s\n", origin) // 调试用
// 3. 简化跨域逻辑:如果配置了*,直接允许所有源
allowOrigin := ""
hasWildcard := false
for _, allowed := range serverConfig.AllowedOrigins {
if allowed == "*" {
hasWildcard = true
break
}
}
if hasWildcard {
// 配置了*,直接设置为*(兼容所有源)
allowOrigin = "*"
} else {
// 没有*,精确匹配
for _, allowed := range serverConfig.AllowedOrigins {
if allowed == origin {
allowOrigin = origin
break
}
}
}
// 设置跨域头
if allowOrigin != "" {
c.Writer.Header().Set("Access-Control-Allow-Origin", allowOrigin)
}
// 允许的方法包含上传需要的POST
c.Writer.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, PATCH")
// 允许的头包含上传可能用到的Content-Type
c.Writer.Header().Set("Access-Control-Allow-Headers", "Origin, Content-Type, Accept, Authorization, X-Requested-With,session_id")
// 允许携带凭证(如果前端需要)
c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
// 预检请求缓存时间24小时
c.Writer.Header().Set("Access-Control-Max-Age", "86400")
// 4. 处理OPTIONS预检请求上传文件前浏览器会先发这个请求
if c.Request.Method == "OPTIONS" {
fmt.Println("收到OPTIONS预检请求返回204") // 调试用
c.AbortWithStatus(http.StatusNoContent)
return
}
c.Next()
}
}
Reference in New Issue View Git Blame Copy Permalink