Heroku授权标头丢失

时间:2020-06-27 00:51:51

标签: react-native go heroku cors

我在heroku中部署了golang api服务。我正在使用axios从react native iOS应用程序调用api。问题是即使我已验证我正在使用reactotron发送授权标头,heroku中的授权标头也丢失了。

客户端:

const {data} = await axios.get(url, {
  headers: {
     Authorization: `Basic ${token}`,
  },
});

服务器端日志:

time="2020-06-27T00:41:06Z" level=info msg=Header name=Accept value="application/json, text/plain, */*"
2020-06-27T00:41:06.875881+00:00 app[web.1]: time="2020-06-27T00:41:06Z" level=info msg=Header name=Accept-Encoding value="gzip, deflate, br"
2020-06-27T00:41:06.875885+00:00 app[web.1]: time="2020-06-27T00:41:06Z" level=info msg=Header name=Connection value=close
2020-06-27T00:41:06.875912+00:00 app[web.1]: time="2020-06-27T00:41:06Z" level=info msg=Header name=X-Forwarded-For value=some ip address
2020-06-27T00:41:06.875969+00:00 app[web.1]: time="2020-06-27T00:41:06Z" level=info msg=Header name=X-Forwarded-Proto value=https
2020-06-27T00:41:06.875970+00:00 app[web.1]: time="2020-06-27T00:41:06Z" level=info msg=Header name=Connect-Time value=1
2020-06-27T00:41:06.875994+00:00 app[web.1]: time="2020-06-27T00:41:06Z" level=info msg=Header name=Accept-Language value=en-us
2020-06-27T00:41:06.876042+00:00 app[web.1]: time="2020-06-27T00:41:06Z" level=info msg=Header name=X-Request-Start value=1593218466874
2020-06-27T00:41:06.876047+00:00 app[web.1]: time="2020-06-27T00:41:06Z" level=info msg=Header name=Total-Route-Time value=0
2020-06-27T00:41:06.876081+00:00 app[web.1]: time="2020-06-27T00:41:06Z" level=info msg=Header name=User-Agent value="app/1 CFNetwork/1126 Darwin/19.5.0"
2020-06-27T00:41:06.876106+00:00 app[web.1]: time="2020-06-27T00:41:06Z" level=info msg=Header name=X-Request-Id value=some id
2020-06-27T00:41:06.876146+00:00 app[web.1]: time="2020-06-27T00:41:06Z" level=info msg=Header name=X-Forwarded-Port value=443
2020-06-27T00:41:06.876150+00:00 app[web.1]: time="2020-06-27T00:41:06Z" level=info msg=Header name=Via value="1.1 vegur"

有趣的是,我可以通过邮递员成功呼叫端点。该代码还可以与本地api服务完美配合。我的第一个假设是CORS问题,因此我添加了所有标头,如下所示:

w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
w.Header().Set("Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")

其中w是http.ResponseWriter。他们没有帮助。授权标头为MISSING!如果我发送“ X授权”,则可以正常工作。我的猜测是问题是heroku。

有人有指针如何解决这个问题吗?

1 个答案:

答案 0 :(得分:-1)

哇。我找到了解决方法。

https://herokuapp.com//api/something删除授权标头。 https://herokuapp.com/api/something不会删除标题。

双斜杠导致标题下降。