Handle CORS in Go

Go does not have a built-in CORS middleware; you must manually add the required headers to your HTTP responses. Use the net/http package to set Access-Control-Allow-Origin and other headers in your handler or a wrapper function.

func corsMiddleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Access-Control-Allow-Origin", "*")
		w.Header().Set("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
		w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
		if r.Method == "OPTIONS" {
			w.WriteHeader(http.StatusNoContent)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func main() {
	http.Handle("/", corsMiddleware(http.HandlerFunc(handler)))
	http.ListenAndServe(":8080", nil)
}

Replace * with your specific domain in production.

CORS is a security rule that stops web browsers from letting your website talk to a server on a different domain unless that server explicitly says it's okay. In Go, you have to write a small piece of code that adds special permission headers to every response your server sends. Think of it like a security guard at a club who checks your ID and lets you in only if you have the right pass.