Failed to load http://wantTOgo.com/get_sts_token/: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://fromHere.com' is therefore not allowed access.

Failed to load http://wantTOgo.com/get_sts_token/:
No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'http://fromHere.com' is therefore not allowed access.

 

 

package main

import (
   "./myKey"
   "fmt"
   "os"

   "github.com/aliyun/aliyun-sts-go-sdk/sts"
   "github.com/labstack/echo"
   "github.com/labstack/echo/middleware"
   "net/http"
)

func handleError(err error) {
   fmt.Println(err)
   os.Exit(-1)
}

const (
   accessKeyID     = myKey.AccessKeyID
   accessKeySecret = myKey.AccessKeySecret
   roleArn         = myKey.RoleArn
   sessionName     = myKey.SessionName
)

type ExceptionResp struct {
   Status  string
   Message string
}

func main() {
   e := echo.New()
   e.Use(middleware.CORSWithConfig(middleware.CORSConfig{
      // AllowOrigins: []string{"https://labstack.com", "https://labstack.net"},
      AllowOrigins: []string{"*"},
      // AllowHeaders: []string{echo.HeaderOrigin, echo.HeaderContentType, echo.HeaderAccept},
      AllowHeaders: []string{"*"},
   }))
   e.GET("/aliSTS/:uid", func(c echo.Context) error {
      uid := c.Param("uid")
      fmt.Println("LOG ", uid)
      stsClient := sts.NewClient(accessKeyID, accessKeySecret, roleArn, sessionName)
      resp, err := stsClient.AssumeRole(3600)
      if err != nil {
         handleError(err)
         r := &ExceptionResp{
            Status:  "-1",
            Message: "what?",
         }
         return c.JSON(http.StatusOK, r)
      }
      r := resp.Credentials
      return c.JSON(http.StatusOK, r)
   })
   e.Logger.Fatal(e.Start(":1324"))
}


<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
 </body>
</html>
<script>
    const ourSTSurl = 'http://blackhole.com:1324/aliSTS/33333'
    const xhr = new XMLHttpRequest()
    const verb = 'GET'
    xhr.open(verb,ourSTSurl)
    xhr.setRequestHeader('Access-Control-Allow-Origin', '*');
    xhr.send()
    console.log(xhr)
</script>

 





 












            

            
posted @ 
 
papering 
阅读(759) 
评论(0编辑 
收藏 
举报


        

	    
	    
    









    
    

    
    



    

        
    

        

            
                
                
            
        

    

编辑推荐:



· AI与.NET技术实操系列:基于图像分类模型对图像进行分类
    

· go语言实现终端里的倒计时
    

· 如何编写易于单元测试的代码
    

· 10年+ .NET Coder 心语,封装的思维:从隐藏、稳定开始理解其本质意义
    

· .NET Core 中如何实现缓存的预热?
    



    

    阅读排行:
    

 ·          分享一个免费、快速、无限量使用的满血 DeepSeek R1 模型,支持深度思考和联网搜索!
        

 ·          基于 Docker 搭建 FRP 内网穿透开源项目(很简单哒)
        

 ·          ollama系列01:轻松3步本地部署deepseek,普通电脑可用
        

 ·          25岁的心里话
        

 ·          按钮权限的设计及实现
        



    

历史上的今天:



2017-08-30    TRansportation ANalysis and SIMulation System
    

2017-08-30    源数据的换行符
    

2017-08-30    小学生的加减乘除
    

2016-08-30    route
    

2016-08-30    queue hardware os
    

2016-08-30    First normal formal Second normal form
    



    



	

	

	
	

	

	

	





    

    
    








  

  
点击右上角即可分享

  微信分享提示

   
    
SQL AI 助手