allow_cors.go
1.0 KB
/**
@author: stevechan
@date: 2021/3/9
@note:
**/
package middleware
import (
"github.com/astaxie/beego/context"
"github.com/astaxie/beego/plugins/cors"
)
func AllowCors() func(ctx *context.Context) {
fn := cors.Allow(&cors.Options{
//允许访问所有源
AllowAllOrigins: true,
//可选参数"GET", "POST", "PUT", "DELETE", "OPTIONS" (*为所有)
//其中Options跨域复杂请求预检
AllowMethods: []string{"*"},
//指的是允许的Header的种类
//AllowHeaders: []string{"Origin", "Authorization", "Access-Control-Allow-Origin", "Content-Type", "x-requested-with"},
//AllowHeaders: []string{"*"},
AllowHeaders: []string{"Origin", "Authorization", "Access-Control-Allow-Origin", "Content-Type", "X-MMM-DeviceType", "X-MMM-Version", "X-MMM-Timestamp", "X-MMM-Sign", "X-MMM-Uuid", "X-MMM-AccessToken", "X-MMM-AppName", "X-MMM-AppProject"},
//公开的HTTP标头列表
ExposeHeaders: []string{"Content-Length"},
//如果设置,则允许共享身份验证凭据,例如cookie
AllowCredentials: true,
})
return fn
}