1

I'm using rs/cors in my Go API to allow my Angularjs app to make direct requests. I've added the following code to configure CORS:

crs := cors.New(cors.Options{AllowCredentials: true})
n.Use(crs) //Negroni include

but I'm getting the No 'Access-Control-Allow-Origin' header is present on the requested resource message in the browser when I make a request.

My request looks like this:

var req = {
    method: 'POST',
    url: endPoint + version + method,
    headers: {
        'Authorization': 'Basic ' + btoa(':' + appId)
    },
    data: params
}

$http(req).
    success(function(data, status, headers, config) {
        callback(null, data);
    }).
    error(function(data, status, headers, config) {
        callback(data);
    });

How can I get round this?

Improve this question
1
  • My guess would be your webserver isn't responding to OPTIONS requests, but i'm not familiar enough to golang to be sure or suggest a solution. Commented May 29, 2015 at 17:58

1 Answer 1

Reset to default
3

Fixed it! I noticed that a few different headers were being sent with the request and I had to explicitly allow all of them.

AllowedHeaders: []string{"accept", "authorization", "content-type"}

I hope this helps someone.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

You can also use a wildcard for all types: AllowedHeaders: []string{"*"}

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.