From cb56be9a63c06dbb66aa7072e2e27d483b07c3d6 Mon Sep 17 00:00:00 2001 From: terwer Date: Sat, 6 Aug 2022 22:50:21 +0800 Subject: [PATCH] =?UTF-8?q?:art:=20#5589=20=E5=90=8E=E7=AB=AF=E6=9C=8D?= =?UTF-8?q?=E5=8A=A1=E6=94=AF=E6=8C=81CORS=E9=A2=84=E6=A3=80=E8=AF=B7?= =?UTF-8?q?=E6=B1=82=E9=AA=8C=E8=AF=81=20(#5593)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- kernel/server/serve.go | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/kernel/server/serve.go b/kernel/server/serve.go index 054f41ab8..08e6e1182 100644 --- a/kernel/server/serve.go +++ b/kernel/server/serve.go @@ -27,7 +27,6 @@ import ( "github.com/88250/gulu" "github.com/88250/melody" - "github.com/gin-contrib/cors" "github.com/gin-contrib/gzip" "github.com/gin-contrib/sessions" "github.com/gin-contrib/sessions/cookie" @@ -42,12 +41,31 @@ import ( var cookieStore = cookie.NewStore([]byte("ATN51UlxVq1Gcvdf")) +func CORSMiddleware() gin.HandlerFunc { + return func(c *gin.Context) { + + c.Header("Access-Control-Allow-Origin", "*") + c.Header("Access-Control-Allow-Credentials", "true") + c.Header("Access-Control-Allow-Headers", "origin, Content-Length, Content-Type, Authorization") + c.Header("Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS") + + if c.Request.Method == "OPTIONS" { + c.AbortWithStatus(204) + return + } + + c.Next() + } +} + func Serve(fastMode bool) { gin.SetMode(gin.ReleaseMode) ginServer := gin.New() ginServer.MaxMultipartMemory = 1024 * 1024 * 32 // 插入较大的资源文件时内存占用较大 https://github.com/siyuan-note/siyuan/issues/5023 ginServer.Use(gin.Recovery()) - ginServer.Use(cors.Default()) + // 跨域支持验证 + // ginServer.Use(cors.Default()) + ginServer.Use(CORSMiddleware()) ginServer.Use(gzip.Gzip(gzip.DefaultCompression, gzip.WithExcludedExtensions([]string{".pdf", ".mp3", ".wav", ".ogg", ".mov", ".weba", ".mkv", ".mp4", ".webm"}))) cookieStore.Options(sessions.Options{