`Do you want the application "main" to accept incoming network connections?` pop up while running Go applications
Every time I am running Go applications on MacOs with this command:
go run main.go
I get this pop up message:
Do you want the application "main" to accept incoming network connections?
I added Go
and all main
executable files to Firewall Exceptions but I am still getting this pop ups. I am running out of ideas. Please can anyone help me to get rid of those pop ups? At this point I have no idea if the problem is related to Golang or MacOs.
Solution 1:
This is normal behaviour.
Each time you run go run main.go
a new executable file is being created. This executable file is unique and unrecognised by macOS's security checks. Thus macOS asks, every time, for you to confirm if the new executable can have network access.
Build and Sign
To avoid the warning, you need to build the executable file once and codesign it. You can build the executable file using the command:
go build -o mycmd main.go
The resulting executable called mycmd
can be run using:
./mycmd
To ad-hoc codesign this executable use:
codesign -s - mycmd
This will cause macOS to trust this build of mycmd
on your Mac. The first time it is run, you will be asked for network access. Subsequent runs will not require network checks.
Solution 2:
You can avoid this pop-up when running local tests if you specify the host portion of the address that will be listened to to be "localhost" or "127.0.0.1". Many programs let you set the address through the command line or an environment variable and many of those programs will default to passing no host to the listen command. With no host specified, Go will listen on 0.0.0.0 and macOS will want to warn you about that. When Go opens ports on the localhost, macOS doesn't warn - at least not in my cases.
For example, instead of:
r := gin.Default()
r.Run()
you can write:
r := gin.Default()
r.Run("localhost:8080")
Solution 3:
Thanks to the answer by @WeakPointer above, I figured all we need to do in our code is to replace:
http.ListenAndServe(":8080", nil)
by:
http.ListenAndServe("localhost:8080", nil)
or if using a library like gin-gonic, replace:
r.Run()
by:
r.Run("localhost:8080")