Problem description

Access to XMLHttpRequest at ‘http://127.0.0.1:8888/base/captcha’ from origin ‘http://127.0.0.1:8080’ has been blocked by CORS policy: Cannot parse Access-Control-Allow-Headers response header field in preflight response.

127.0.0.1:8888 The cross domain policy of the backend is ：

	origin := c.Request.Header.Get("Origin")
	c.Header("Access-Control-Allow-Origin", origin)
	c.Header("Access-Control-Allow-Headers", "Content-Type, AccessToken, X-CSRF-Token, Authorization, Token, x-token, x-user-id\"")
	c.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS,DELETE,PUT")
	c.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type")
	c.Header("Access-Control-Allow-Credentials", "true")

After commenting out the third line

//c.Header("Access-Control-Allow-Headers", "Content-Type, AccessToken, X-CSRF-Token, Authorization, Token, x-token, x-user-id\"")

The error message is ：

Access to XMLHttpRequest at ‘http://127.0.0.1:8888/base/captcha’ from origin ‘http://127.0.0.1:8080’ has been blocked by CORS policy: Request header field x-token is not allowed by Access-Control-Allow-Headers in preflight response.

Change the third line to ：

c.Header("Access-Control-Allow-Headers", "*") // Allow access to all domains 

Normal access .

The actual reason is that there is an extra quotation mark at the end of the third line of code “"”, After deleting , as follows

	origin := c.Request.Header.Get("Origin")
	c.Header("Access-Control-Allow-Origin", origin)
	c.Header("Access-Control-Allow-Headers", "Content-Type, AccessToken, X-CSRF-Token, Authorization, Token, x-token, x-user-id")
	c.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS,DELETE,PUT")
	c.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type")
	c.Header("Access-Control-Allow-Credentials", "true")

Normal access .