From bafe18f6e16fde002b791cc05f89f8b87ba08dd6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=B1=AA=E5=85=88=E6=A3=AE?= Date: Fri, 18 Sep 2020 17:38:14 +0800 Subject: [PATCH] =?UTF-8?q?cors.go:=20fix=E9=83=A8=E5=88=86=E6=B5=8F?= =?UTF-8?q?=E8=A7=88=E5=99=A8=E4=B8=8D=E6=94=AF=E6=8C=81*=E7=9A=84?= =?UTF-8?q?=E6=A0=BC=E5=BC=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- server/middleware/cors.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/server/middleware/cors.go b/server/middleware/cors.go index e1e66c44..91a5ef21 100644 --- a/server/middleware/cors.go +++ b/server/middleware/cors.go @@ -9,7 +9,8 @@ import ( func Cors() gin.HandlerFunc { return func(c *gin.Context) { method := c.Request.Method - c.Header("Access-Control-Allow-Origin", "*") + origin := c.Request.Header.Get("Origin") + c.Header("Access-Control-Allow-Origin", origin) c.Header("Access-Control-Allow-Headers", "Content-Type,AccessToken,X-CSRF-Token, Authorization, Token,X-Token,X-User-Id\"") c.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS,DELETE,PUT") c.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type")