/
cors.go
31 lines (28 loc) · 1.42 KB
/
cors.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
package middleware
// github.com/pilinux/gorestlib
// The MIT License (MIT)
// Copyright (c) 2022 pilinux
import "github.com/gin-gonic/gin"
// CORS - Cross-Origin Resource Sharing
// origin: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
// credentials: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
// headers: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
// methods: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods
// maxAge: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age
// General recommendation for dev environment:
// ----------------------------------
// origin: "*"
// credentials: "true"
// headers: "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With"
// methods: "GET, POST, PUT, PATCH, DELETE"
// maxAge: 300
func CORS(origin, credentials, headers, methods, maxAge string) gin.HandlerFunc {
return func(c *gin.Context) {
c.Writer.Header().Set("Access-Control-Allow-Origin", origin)
c.Writer.Header().Set("Access-Control-Allow-Credentials", credentials)
c.Writer.Header().Set("Access-Control-Allow-Headers", headers)
c.Writer.Header().Set("Access-Control-Allow-Methods", methods)
c.Writer.Header().Set("Access-Control-Max-Age", maxAge)
c.Next()
}
}