From ce723753b323aeb5c13d337986d5463682e81c75 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9C=B1=E8=80=98=E7=A8=B7?= <18026623439@163.com> Date: Mon, 21 Dec 2020 13:43:01 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A4=84=E7=90=86=E8=B7=A8=E5=9F=9F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../co/yixiang/config/ConfigurerAdapter.java | 27 ++++++----- .../java/co/yixiang/config/CorsFilter.java | 47 +++++++++++++++++++ .../security/config/SecurityConfig.java | 2 +- 3 files changed, 64 insertions(+), 12 deletions(-) create mode 100644 yshop-admin/src/main/java/co/yixiang/config/CorsFilter.java diff --git a/yshop-admin/src/main/java/co/yixiang/config/ConfigurerAdapter.java b/yshop-admin/src/main/java/co/yixiang/config/ConfigurerAdapter.java index dac18a80..6585164f 100644 --- a/yshop-admin/src/main/java/co/yixiang/config/ConfigurerAdapter.java +++ b/yshop-admin/src/main/java/co/yixiang/config/ConfigurerAdapter.java @@ -15,6 +15,9 @@ import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; +import java.lang.reflect.Array; +import java.util.Arrays; + /** * WebMvcConfigurer * @@ -31,17 +34,19 @@ public class ConfigurerAdapter implements WebMvcConfigurer { @Value("${file.avatar}") private String avatar; - @Bean - public CorsFilter corsFilter() { - UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); - CorsConfiguration config = new CorsConfiguration(); - config.setAllowCredentials(true); - config.addAllowedOrigin("*"); - config.addAllowedHeader("*"); - config.addAllowedMethod("*"); - source.registerCorsConfiguration("/**", config); - return new CorsFilter(source); - } +// @Bean +// public CorsFilter corsFilter() { +// UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); +// CorsConfiguration config = new CorsConfiguration(); +// config.setAllowCredentials(true); +// // 设置允许跨域请求的域名 +// config.setAllowedOriginPatterns(Arrays.asList("*")); +// config.addAllowedOrigin("*"); +// config.addAllowedHeader("*"); +// config.addAllowedMethod("*"); +// source.registerCorsConfiguration("/**", config); +// return new CorsFilter(source); +// } @Override public void addResourceHandlers(ResourceHandlerRegistry registry) { diff --git a/yshop-admin/src/main/java/co/yixiang/config/CorsFilter.java b/yshop-admin/src/main/java/co/yixiang/config/CorsFilter.java new file mode 100644 index 00000000..520ff109 --- /dev/null +++ b/yshop-admin/src/main/java/co/yixiang/config/CorsFilter.java @@ -0,0 +1,47 @@ +package co.yixiang.config; + +/** + * @author :LionCity + * @date :Created in 2020-12-21 13:38 + * @description: + * @modified By: + * @version: + */ +import java.io.IOException; + +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.http.HttpFilter; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.core.annotation.Order; +import org.springframework.http.HttpHeaders; +import org.springframework.stereotype.Component; +import org.springframework.util.StringUtils; + +@Component +@Order(-9999) +public class CorsFilter extends HttpFilter { + + /** + * + */ + private static final long serialVersionUID = -8387103310559517243L; + + @Override + protected void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException { + + String origin = req.getHeader(HttpHeaders.ORIGIN); + + if (!StringUtils.isEmpty(origin)){ + res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, origin); + res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, "Origin, x-requested-with, Content-Type, Accept, Authorization"); + res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"); + res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, PUT, OPTIONS, DELETE"); + res.addHeader(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma"); + res.addHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, "60"); + } + super.doFilter(req, res, chain); + } +} diff --git a/yshop-admin/src/main/java/co/yixiang/modules/security/config/SecurityConfig.java b/yshop-admin/src/main/java/co/yixiang/modules/security/config/SecurityConfig.java index df222114..160f414c 100644 --- a/yshop-admin/src/main/java/co/yixiang/modules/security/config/SecurityConfig.java +++ b/yshop-admin/src/main/java/co/yixiang/modules/security/config/SecurityConfig.java @@ -6,6 +6,7 @@ package co.yixiang.modules.security.config; import co.yixiang.annotation.AnonymousAccess; +import co.yixiang.config.CorsFilter; import co.yixiang.modules.security.security.JwtAccessDeniedHandler; import co.yixiang.modules.security.security.JwtAuthenticationEntryPoint; import co.yixiang.modules.security.security.TokenConfigurer; @@ -23,7 +24,6 @@ import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; -import org.springframework.web.filter.CorsFilter; import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.mvc.method.RequestMappingInfo; import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;