Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Making golang Gorilla CORS handler work

Tags:

cors

go

gorilla

servemux

I have fairly simple setup here as described in the code below. But I am not able to get the CORS to work. I keep getting this error:

XMLHttpRequest cannot load http://localhost:3000/signup. Response to preflight request doesn't pass access control check: No 'Access- Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8000' is therefore not allowed access. The response had HTTP status code 403.

I am sure I am missing something simple here.

Here is the code I have:

package main  import (     "log"     "net/http"      "github.com/gorilla/handlers"     "github.com/gorilla/mux"     "myApp/src/controllers" )  func main() {     ac := new(controllers.AccountController)      router := mux.NewRouter()     router.HandleFunc("/signup", ac.SignUp).Methods("POST")     router.HandleFunc("/signin", ac.SignIn).Methods("POST")      log.Fatal(http.ListenAndServe(":3000", handlers.CORS()(router))) }
like image 832
Moon Avatar asked Dec 06 '16 00:12

Moon

1 Answers

Please read the link Markus suggested, and also about what triggers CORS pre-flight requests.

Pre-flight requests: You may have a content type like JSON, or some other custom header that's triggering a pre-flight request, which your server may not be handling. Try adding this one, if you're using the ever-common AJAX in your front-end: https://en.wikipedia.org/wiki/List_of_HTTP_header_fields#Requested-With

Gorilla's handlers.CORS() will set sane defaults to get the basics of CORS working for you; however, you can (and maybe should) take control in a more functional manner.

Here's some starter code:

// Where ORIGIN_ALLOWED is like `scheme://dns[:port]`, or `*` (insecure) headersOk := handlers.AllowedHeaders([]string{"X-Requested-With"}) originsOk := handlers.AllowedOrigins([]string{os.Getenv("ORIGIN_ALLOWED")}) methodsOk := handlers.AllowedMethods([]string{"GET", "HEAD", "POST", "PUT", "OPTIONS"})  // start server listen // with error handling log.Fatal(http.ListenAndServe(":" + os.Getenv("PORT"), handlers.CORS(originsOk, headersOk, methodsOk)(router)))
like image 86
jeremiah.trein Avatar answered Sep 21 '22 15:09

jeremiah.trein
Sign in to Comment

Related questions

Pre-master secret mistmatched when implementing Diffie-Hellman key exchange
Negative look-ahead in Go regular expressions
Go get cannot find local packages when using multiple modules in a repo
$GOPATH must not be set to $GOROOT, why not?
How to set bool pointer to true in struct literal?
How to parse JSON array in Go
Most efficient way to convert io.ReadCloser to byte array
How to parse/deserialize dynamic JSON
Comparing arrays in Go language
How to embed file for later parsing execution use
How to test os.exit scenarios in Go
How do I migrate from Dep to Go Modules
Month to int in Go
Generating random numbers over a range in Go
Nullable time.Time
How to run a shell command in a specific folder
Insert a value in a slice at a given index
How to check if a string only contains alphabetic characters in Go?
Go - append to slice in struct
golang sort slice ascending or descending

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!