I'm using rs/cors in my Go API to allow my Angularjs app to make direct requests. I've added the following code to configure CORS:
crs := cors.New(cors.Options{AllowCredentials: true})
n.Use(crs) //Negroni include
but I'm getting the No 'Access-Control-Allow-Origin' header is present on the requested resource message in the browser when I make a request.
My request looks like this:
var req = {
method: 'POST',
url: endPoint + version + method,
headers: {
'Authorization': 'Basic ' + btoa(':' + appId)
},
data: params
}
$http(req).
success(function(data, status, headers, config) {
callback(null, data);
}).
error(function(data, status, headers, config) {
callback(data);
});
How can I get round this?
Fixed it! I noticed that a few different headers were being sent with the request and I had to explicitly allow all of them.
AllowedHeaders: []string{"accept", "authorization", "content-type"}
I hope this helps someone.