v0.17.29 v0.17.38 v0.17.37 v0.17.36 v0.17.35 v0.17.34 v0.17.33 v0.17.32 v0.17.31 v0.17.30 v0.17.28 v0.17.27 v0.17.26 v0.17.25 v0.17.24 v0.17.23 v0.17.22 v0.17.21 v0.17.20 v0.17.19 master


Setting CORS headers using rs/cors for gqlgen
You are looking at the docs for an older version (v0.17.29). The latest version is v0.17.38.

Cross-Origin Resource Sharing (CORS) headers are required when your graphql server lives on a different domain to the one your client code is served. You can read more about CORS in the MDN docs.


gqlgen doesn’t include a CORS implementation, but it is built to work with all standard http middleware. Here we are going to use the fantastic chi and rs/cors to build our server.

package main

import (


func main() {
	router := chi.NewRouter()

	// Add CORS middleware around every request
	// See https://github.com/rs/cors for full option listing
		AllowedOrigins:   []string{"http://localhost:8080"},
		AllowCredentials: true,
		Debug:            true,

    srv := handler.NewDefaultServer(starwars.NewExecutableSchema(starwars.NewResolver()))
        Upgrader: websocket.Upgrader{
            CheckOrigin: func(r *http.Request) bool {
                // Check against your desired domains here
                 return r.Host == "example.org"
            ReadBufferSize:  1024,
            WriteBufferSize: 1024,

	router.Handle("/", playground.Handler("Starwars", "/query"))
	router.Handle("/query", srv)

	err := http.ListenAndServe(":8080", router)
	if err != nil {