HTTP server triggers 'Access-Control-Allow-Origin' header contains multiple values error

[paul.h....@gmail.com]

We have a simple http service running using the net/http package and I tried setting the Access-Control-Allow-Origin header value as in:

w.Header().Set("Access-Control-Allow-Origin", "*")

and when I do so the client side gets an error: "The 'Access-Control-Allow-Origin' header contains multiple values"

So it seems somewhere else the request origin is already added to the header although I can't find any mention of this in the docs.
What's the correct method for setting this header value so that it overrides what's there already?

Thanks for any pointers.

[paul.h....@gmail.com]

Further to this... it seems the request origin is being "Add"ed to the header sometime after our handler gets called.
I tried doing a "Del" on the key before calling "Set" but this made no difference.

[Ain]

kolmapäev, 7. detsember 2016 0:30.12 UTC+2 kirjutas paul.h....@gmail.com:

We have a simple http service running using the net/http package and I tried setting the Access-Control-Allow-Origin header value as in:

w.Header().Set("Access-Control-Allow-Origin", "*")

and when I do so the client side gets an error: "The 'Access-Control-Allow-Origin' header contains multiple values"

And how the raw header looks like (at the client side)?

So it seems somewhere else the request origin is already added to the header although I can't find any mention of this in the docs.

Do you use any http middleware / frameworks or is it plain net/http server?

ain 

[Dave Cheney]

Grep for that string in GOROOT, it's not there, the net/http package is probably not adding it.

Can you create a stand alone program that shows the problem?

Dave

[paul.h....@gmail.com]

Ok, I've since discovered that there's an nginx proxy in front of my service that is adding the header.

Sorry for the false alarm. :(

Problem resolved.