Improve setCorsHeaders() for "include" mode

2025-07-05 05:50:19 +08:00 · 2024-01-13 23:46:05 +08:00
parent 60096468fe
commit 78066da208
1 changed files with 6 additions and 4 deletions
--- a/routers/cors_filter.go
+++ b/routers/cors_filter.go
@ -28,12 +28,14 @@ const (
 	headerAllowOrigin      = "Access-Control-Allow-Origin"
 	headerAllowMethods     = "Access-Control-Allow-Methods"
 	headerAllowHeaders     = "Access-Control-Allow-Headers"
+	headerAllowCredentials = "Access-Control-Allow-Credentials"
 )

 func setCorsHeaders(ctx *context.Context, origin string) {
 	ctx.Output.Header(headerAllowOrigin, origin)
 	ctx.Output.Header(headerAllowMethods, "POST, GET, OPTIONS, DELETE")
 	ctx.Output.Header(headerAllowHeaders, "Content-Type, Authorization")
+	ctx.Output.Header(headerAllowCredentials, "true")

 	if ctx.Input.Method() == "OPTIONS" {
 		ctx.ResponseWriter.WriteHeader(http.StatusOK)