Fix CORS middleware bug.

[Shelnutt2]

I am experiencing the same issue. I've tested and validated this fix works.

[bboozzoo]

After spending a couple of hours tracking down a problem that only existed in Chrome, I finally arrived here.

Is the project still alive? The problem is real, the code is there, build/tests pass, but nothing happened with the PR.

[applee]

@bboozzoo I have migrated to echo.

[ant0ine]

Hi, and sorry for the low activity these days.

I think an explanation of the bug is necessary. Are you saying that Chrome set Access-Control-Request-Headers to empty string, and we end up with CorsInfo.AccessControlRequestHeaders with the value []string{“”} ? In that case, I think the right fix should be in request.go where CorsInfo should not carry []string{“”} as a value. It would be essentially the same fix but applied earlier in the process.

Does this make sense ?

[applee]

@ant0ine Sorry, I didn't explained it clearly. I totally agree with u. Actually, I tried to fix it in request.go earlier.

[ant0ine]

I've merged @bboozzoo patch. Thanks for reporting, discussing and fixing this!