Gin: Support automatic OPTIONS response generation

Created on 13 Mar 2016  路  6Comments  路  Source: gin-gonic/gin

https://github.com/julienschmidt/httprouter now supports OPTIONS response generation by a boolean flag

The code paths for routing still seem quite close. Can we bring this enhancement into the Gin router?

Relevant code:

https://github.com/julienschmidt/httprouter/blob/master/router.go#L379

https://github.com/julienschmidt/httprouter/blob/master/router.go#L296

picture verdverm

Most helpful comment

A way to fix this issue quickly. Try to create new middleware:

func Options(c *gin.Context) {
    if c.Request.Method != "OPTIONS" {
        c.Next()
    } else {
        c.Header("Access-Control-Allow-Origin", "*")
        c.Header("Access-Control-Allow-Methods", "GET,POST,PUT,PATCH,DELETE,OPTIONS")
        c.Header("Access-Control-Allow-Headers", "authorization, origin, content-type, accept")
        c.Header("Allow", "HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS")
        c.Header("Content-Type", "application/json")
        c.AbortWithStatus(http.StatusOK)
    }
}

in router:

e.Use(header.Options)
picture appleboy on 12 Dec 2017
👍8

All 6 comments

This may be a moot point if #498 (fasthttprouter) is accepted

verdverm picture verdverm on 13 Mar 2016

This is implemented with my comments on #155

verdverm picture verdverm on 16 Mar 2016

Yes! About a year ago I discovered the article that httprouter links to in their readme. I think OPTIONS is great for testing purposes as I can have a generic integration test that uses OPTIONS to crawl all possible combinations!

The downside is writing lots of specific code that has to be changed when the api surface changes would be a terrible mistake.

drobati picture drobati on 11 Dec 2017

A way to fix this issue quickly. Try to create new middleware:

func Options(c *gin.Context) {
    if c.Request.Method != "OPTIONS" {
        c.Next()
    } else {
        c.Header("Access-Control-Allow-Origin", "*")
        c.Header("Access-Control-Allow-Methods", "GET,POST,PUT,PATCH,DELETE,OPTIONS")
        c.Header("Access-Control-Allow-Headers", "authorization, origin, content-type, accept")
        c.Header("Allow", "HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS")
        c.Header("Content-Type", "application/json")
        c.AbortWithStatus(http.StatusOK)
    }
}

in router:

e.Use(header.Options)
appleboy picture appleboy on 12 Dec 2017
👍8

For anyone who meet CORS problem. Just FYI. The above code doesn't work for me somehow. I don't know why. This middleware https://github.com/gin-contrib/cors works for me (recommended by @Depado).

sgon00 picture sgon00 on 26 Feb 2019
👍2

an edit at @appleboy 's options function

func Options(c *gin.Context) {
    c.Header("Access-Control-Allow-Origin", "*")
    c.Header("Access-Control-Allow-Methods", "GET,POST,PUT,PATCH,DELETE,OPTIONS")
    c.Header("Access-Control-Allow-Headers", "authorization, origin, content-type, accept")
    c.Header("Allow", "HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS")
    c.Header("Content-Type", "application/json")
    if c.Request.Method != "OPTIONS" {
        c.Next()
    } else {
        c.AbortWithStatus(http.StatusOK)
    }
}

on using this function as a middleware it solves CORS issue and also responds with the CORS header on any options route(Note: turn it off for production if not using it.)

Paradox-3arthling picture Paradox-3arthling on 21 Dec 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

gplume picture gplume  路  3Comments
wangcn picture wangcn  路  3Comments
iiinsomnia picture iiinsomnia  路  3Comments
boneq picture boneq  路  3Comments
ccaza picture ccaza  路  3Comments