62 lines
1.4 KiB
Go
62 lines
1.4 KiB
Go
package cors
|
|
|
|
import (
|
|
"strconv"
|
|
"strings"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
type Config struct {
|
|
AllowOrigins []string
|
|
AllowMethods []string
|
|
AllowHeaders []string
|
|
ExposeHeaders []string
|
|
AllowCredentials bool
|
|
MaxAge int
|
|
}
|
|
|
|
func DefaultConfig() Config {
|
|
return Config{
|
|
AllowOrigins: []string{"*"},
|
|
AllowMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
|
|
AllowHeaders: []string{"Origin", "Content-Type", "Accept"},
|
|
ExposeHeaders: []string{"Content-Length"},
|
|
AllowCredentials: true,
|
|
MaxAge: 86400, // 24 hours
|
|
}
|
|
}
|
|
|
|
func Cors(config Config) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
origin := c.Request.Header.Get("Origin")
|
|
|
|
// 检查是否允许该来源
|
|
allowOrigin := "*"
|
|
for _, o := range config.AllowOrigins {
|
|
if o == origin {
|
|
allowOrigin = origin
|
|
break
|
|
}
|
|
}
|
|
|
|
c.Header("Access-Control-Allow-Origin", allowOrigin)
|
|
c.Header("Access-Control-Allow-Methods", strings.Join(config.AllowMethods, ","))
|
|
c.Header("Access-Control-Allow-Headers", strings.Join(config.AllowHeaders, ","))
|
|
c.Header("Access-Control-Expose-Headers", strings.Join(config.ExposeHeaders, ","))
|
|
c.Header("Access-Control-Max-Age", strconv.Itoa(config.MaxAge))
|
|
|
|
if config.AllowCredentials {
|
|
c.Header("Access-Control-Allow-Credentials", "true")
|
|
}
|
|
|
|
if c.Request.Method == "OPTIONS" {
|
|
c.AbortWithStatus(204)
|
|
return
|
|
}
|
|
|
|
c.Next()
|
|
}
|
|
}
|
|
|