[Technical Tutorial] How to harden the HTTP request methods allowed by EasyNVR, the RTSP video intelligent analysis platform from TSINGSEE Qingxi Video

At present, the cloud-edge-end architecture video platforms developed by TSINGSEE Qingxi Video, such as EasyNVR, basically use the HTTP protocol for login. If you need to log in via HTTPS, you need to configure an SSL certificate.

HTTP/1.0 defines three request methods: GET, POST and HEAD. HTTP/1.1 adds five more: OPTIONS, PUT, DELETE, TRACE and CONNECT.

Because there are so many request methods, leaving unnecessary HTTP methods enabled may cause security problems. We therefore recommend disabling any HTTP method you do not need, as long as doing so does not affect your business.

The request methods an interface accepts are specified by the server, so the change is made in the server code, at the following location:

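// Read the allowed request methods from the allow_method key of the
// base_config section; use the default list when the key is not set.
allowMethod := utils.Conf().Section("base_config").Key("allow_method").MustString("GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS")
allowMethods := strings.Split(allowMethod, ",")
corsConfig := cors.Config{
	// Allowed request methods
	AllowMethods:     allowMethods,
	AllowHeaders:     []string{"Origin", "Content-Length", "Content-Type"},
	AllowCredentials: true,
	MaxAge:           12 * time.Hour,
}
// allAllOrigins and allowOrigins are defined elsewhere in the project (not shown here).
if allAllOrigins {
	// Allowed domain names or IPs
	corsConfig.AllowOrigins = allowOrigins
	corsConfig.AllowOriginFunc = func(origin string) bool { return false }
} else {
	corsConfig.AllowAllOrigins = true
}
// Register the CORS middleware on the router
Router.Use(cors.New(corsConfig))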

allowMethod holds the request methods the interface allows. We change it so that it is read from the configuration file (the allow_method key in the base_config section). If it is not configured, the default request methods are GET, POST, PUT, PATCH, DELETE, HEAD and OPTIONS.
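The AllowMethods list is what the CORS middleware advertises to browsers for cross-origin requests. The sketch below is an added example, not EasyNVR's code: it applies an allow_method-style list to every request with a plain net/http middleware. The names parseAllowMethods, enforceMethods and statusFor are hypothetical, and the test request is constructed.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// parseAllowMethods normalizes an allow_method value (spaces, lower case, empty items).
func parseAllowMethods(raw string) []string {
	if strings.TrimSpace(raw) == "" {
		raw = "GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS" // default from the page's snippet
	}
	var out []string
	for _, m := range strings.Split(raw, ",") {
		if m = strings.ToUpper(strings.TrimSpace(m)); m != "" {
			out = append(out, m)
		}
	}
	return out
}

// enforceMethods answers 405 plus an Allow header for any method outside the
// list, whether or not the request carries an Origin header.
func enforceMethods(allowed []string, next http.Handler) http.Handler {
	set := make(map[string]bool, len(allowed))
	for _, m := range allowed {
		set[m] = true
	}
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !set[r.Method] {
			w.Header().Set("Allow", strings.Join(allowed, ", "))
			http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// statusFor sends one constructed request through the middleware and returns the status.
func statusFor(rawConfig, method string) int {
	ok := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {})
	rec := httptest.NewRecorder()
	h := enforceMethods(parseAllowMethods(rawConfig), ok)
	h.ServeHTTP(rec, httptest.NewRequest(method, "/", nil))
	return rec.Code
}

func main() { fmt.Println(statusFor("GET, post", "POST"), statusFor("GET, post", "TRACE")) }
```

With allow_method set to "GET, post", DELETE and TRACE receive 405; with the key unset, the default list applies and only methods outside it (such as TRACE) are refused.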

Origin blog.csdn.net/Black_3717/article/details/111353128