瀏覽器有跨域限制，需要在header里添加Access-Control-Allow-Origin

package middleware

import (
    "github.com/gin-gonic/gin"
    "net/http"
)

func Cors() gin.HandlerFunc {
    return func(context *gin.Context) {
        method := context.Request.Method
        context.Header("Access-Control-Allow-Origin", "*")
        context.Header("Access-Control-Allow-Headers", "Content-Type, AccessToken, X-CSRF-Token, Authorization, Token")
        context.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS")
        context.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type")
        context.Header("Access-Control-Allow-Credentials", "true")
        // 允許放行OPTIONS請(qǐng)求
                if method == "OPTIONS" {
            context.AbortWithStatus(http.StatusNoContent)
        }
        context.Next()
    }
}

添加中間件

r.Use(middleware.Cors())

有一個(gè)補(bǔ)充，前端如果需要添加自定義請(qǐng)求頭字段時(shí)，比如token

這時(shí)瀏覽器會(huì)預(yù)先發(fā)一個(gè)OPTIONS類(lèi)型的請(qǐng)求，如果添加的自定義字段沒(méi)有包含在“Access-Control-Allow-Headers”里面的話(huà)，前端只會(huì)收到一個(gè)沒(méi)有body的response

所以此時(shí)Cors中間件中不僅要處理OPTIONS類(lèi)型的請(qǐng)求，也要在Access-Control-Allow-Headers添加這個(gè)自定義字段