Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Attach Response Headers (or middlewares) to redirected requests (CORS issues) #3857

Open
yashvardhan-kukreja opened this issue Feb 28, 2024 · 1 comment · May be fixed by #3858
Open

Attach Response Headers (or middlewares) to redirected requests (CORS issues) #3857

yashvardhan-kukreja opened this issue Feb 28, 2024 · 1 comment · May be fixed by #3858

Comments

@yashvardhan-kukreja
Copy link

yashvardhan-kukreja commented Feb 28, 2024
edited

Description

When the gin engine's tree is not aware of a path /foo/ , instead of returning a 404, it responds plainly with a 307 Location: /foo (or 301 in case of GET) i.e. telling the client to redirect to /foo

There's no way to tell Gin what to do with such requests through the means any middlewares, like attaching CORS middlewares (a pretty commonly encountered case).

Some solutions I can think of:

  • Have a way to define what happens on redirect like we currently do with engine.NoRoute(..,) to explicitly define what happens at NotFound.
	server := gin.New()
	server.OnRedirect(cors.Default())
  • Apply the middlewares registered at the routerGroup "/" to all the incoming requests, including redirect request.
	server := gin.New()
	server.Use(cors.Default()) // registered at the "/" routergroup, therefore, redirect requests go through it as well

How to reproduce

package main

import (
	"github.com/gin-gonic/gin"
	"github.com/gin-contrib/cors"
)

func main() {
	g := gin.Default()
        g.Use(cors.Default())
	g.GET("/foo", func(c *gin.Context) {
		c.String(200, "Hello, World!"))
	})
	g.Run(":9000")
}

Expectations

Open a new tab in the browser and open dev tools there.
Go to the "Console", and run the following code

let response = await fetch('http://localhost:9000/foo/', {
  method: 'GET'
})

Expectation

response.text() should be "Hello World!"

Actual result

Access to fetch at 'http://localhost:9000/foo/' from origin 'chrome-extension://pejkokffkapolfffcgbmdmhdelanoaih' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Environment

  • go version: 1.22.0
  • gin version (or commit ref): 1.9.1
  • operating system: MacOS (Darwin ARM64)
@yashvardhan-kukreja yashvardhan-kukreja changed the title Attach Response Headers (or middlewares) to redirected requests Attach Response Headers (or middlewares) to redirected requests (CORS issues) Feb 29, 2024
@yashvardhan-kukreja yashvardhan-kukreja linked a pull request Feb 29, 2024 that will close this issue
Open
@yashvardhan-kukreja
Copy link
Author

Raised the above PR #3858 as a resolution if the above issue is deemed worthy of having a solution.

@RedCrazyGhost RedCrazyGhost mentioned this issue Mar 12, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(backwards compatible): support for onredirect middleware yashvardhan-kukreja/gin
1 participant
@yashvardhan-kukreja