允许使用gorilla handlers的来源

huangapple go评论84阅读模式
英文:

Allowing origins using gorilla handlers

问题

我目前正在编写一个 RESTful Web 服务器,并希望从 Angular2 前端进行测试。由于在开发过程中服务器托管在另一个域上,我需要使用 Access-Control-Allow-Origin: *(我认为是这样)。我尝试使用 gorilla handlers 包来实现这一点,具体如下所示:

origins := handlers.AllowedOrigins([]string{"*"})
log.Fatal(http.ListenAndServe(":"+os.Getenv(util.Port),
    handlers.LoggingHandler(os.Stdout, handlers.CORS(origins)(router))))

现在,当我尝试使用以下 curl 请求服务器时:

curl -H "Origin: http://example.com" \
-H "Access-Control-Request-Method: POST" \
-H "Access-Control-Request-Headers: X-Requested-Width" \
-X OPTIONS --verbose localhost:8000

我在服务器上收到一个 OPTIONS 请求,返回 403 错误。我还尝试添加头部和允许的方法:

handlers.AllowedHeaders([]string{"X-Requested-With"})
handlers.AllowedMethods([]string{"GET", "POST", "PUT", "OPTIONS"})

但没有任何改变。我该如何解决这个问题?

英文:

I'm currently writing a restful web server, that I would like to test from angular2 frontend. Since the server is hosted on another domain while developing I need Access-Control-Allow-Origin: * (I think). I tried to achieve that by using the gorilla handlers package, namely the following:

origins := handlers.AllowedOrigins([]string{"*"})
log.Fatal(http.ListenAndServe(":"+os.Getenv(util.Port),
	handlers.LoggingHandler(os.Stdout, handlers.CORS(origins)(router))))

now when trying to request the server using the following curl:

curl -H "Origin: http://example.com" \
-H "Access-Control-Request-Method: POST" \
-H "Access-Control-Request-Headers: X-Requested-Width" \
-X OPTIONS --verbose localhost:8000

I get an OPTIONS request on the server, which returns 403. I have also tried adding headers and allowed methods:

handlers.AllowedHeaders([]string{"X-Requested-With"})
handlers.AllowedMethods([]string{"GET", "POST", "PUT", "OPTIONS"})

but it made no difference. How can I resolve this?

答案1

得分: 2

这是我的翻译:

这对我有效:

package main

import (
	"log"
	"net/http"
	"os"

	"github.com/gorilla/handlers"
	"github.com/gorilla/mux"
)

func main() {
	router := mux.NewRouter()

	log.Fatal(http.ListenAndServe(":8080",
		handlers.LoggingHandler(os.Stdout, handlers.CORS(
			handlers.AllowedMethods([]string{"POST"}),
			handlers.AllowedOrigins([]string{"*"}),
			handlers.AllowedHeaders([]string{"X-Requested-With"}),
		)(router))))
}

在你的curl示例中,X-Requested-With被拼写错误:

$ curl -H "Origin: http://example.com" -H "Access-Control-Request-Method: POST" -H "Access-Control-Request-Headers: X-Requested-With" -X OPTIONS --verbose localhost:8080
* Rebuilt URL to: localhost:8080/
*   Trying ::1...
* Connected to localhost (::1) port 8080 (#0)
> OPTIONS / HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.50.1
> Accept: */*
> Origin: http://example.com
> Access-Control-Request-Method: POST
> Access-Control-Request-Headers: X-Requested-With
> 
< HTTP/1.1 200 OK
< Access-Control-Allow-Headers: X-Requested-With
< Access-Control-Allow-Origin: http://example.com
< Date: Thu, 16 Feb 2017 22:58:24 GMT
< Content-Length: 0
< Content-Type: text/plain; charset=utf-8
< 
* Connection #0 to host localhost left intact
英文:

This works for me:

package main

import (
	&quot;log&quot;
	&quot;net/http&quot;
	&quot;os&quot;

	&quot;github.com/gorilla/handlers&quot;
	&quot;github.com/gorilla/mux&quot;
)

func main() {
	router := mux.NewRouter()

	log.Fatal(http.ListenAndServe(&quot;:8080&quot;, 
		handlers.LoggingHandler(os.Stdout, handlers.CORS(
		    handlers.AllowedMethods([]string{&quot;POST&quot;}),
			handlers.AllowedOrigins([]string{&quot;*&quot;}),
			handlers.AllowedHeaders([]string{&quot;X-Requested-With&quot;}))(router))))
}

The X-Requested-With is mistyped in your curl example:

$ curl -H &quot;Origin: http://example.com&quot; -H &quot;Access-Control-Request-Method: POST&quot; -H &quot;Access-Control-Request-Headers: X-Requested-With&quot; -X OPTIONS --verbose localhost:8080
* Rebuilt URL to: localhost:8080/
*   Trying ::1...
* Connected to localhost (::1) port 8080 (#0)
&gt; OPTIONS / HTTP/1.1
&gt; Host: localhost:8080
&gt; User-Agent: curl/7.50.1
&gt; Accept: */*
&gt; Origin: http://example.com
&gt; Access-Control-Request-Method: POST
&gt; Access-Control-Request-Headers: X-Requested-With
&gt; 
&lt; HTTP/1.1 200 OK
&lt; Access-Control-Allow-Headers: X-Requested-With
&lt; Access-Control-Allow-Origin: http://example.com
&lt; Date: Thu, 16 Feb 2017 22:58:24 GMT
&lt; Content-Length: 0
&lt; Content-Type: text/plain; charset=utf-8
&lt; 
* Connection #0 to host localhost left intact

huangapple
  • 本文由 发表于 2017年2月10日 15:39:29
  • 转载请务必保留本文链接:https://go.coder-hub.com/42153963.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定