cxc/yshopb2c
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

处理跨域

Browse Source
This commit is contained in:
朱耘稷
2020-12-21 13:43:01 +08:00
committed by xuwenbo
parent db6e3801ed
commit ce723753b3
3 changed files with 64 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
yshop-admin/src/main/java/co/yixiang/config/ConfigurerAdapter.java
View File

@ -15,6 +15,9 @@ import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import java.lang.reflect.Array;
import java.util.Arrays;
/** /**
* WebMvcConfigurer * WebMvcConfigurer
* *
@ -31,17 +34,19 @@ public class ConfigurerAdapter implements WebMvcConfigurer {
@Value("${file.avatar}") @Value("${file.avatar}")
private String avatar; private String avatar;
@Bean // @Bean
public CorsFilter corsFilter() { // public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); // UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration(); // CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true); // config.setAllowCredentials(true);
config.addAllowedOrigin("*"); // // 设置允许跨域请求的域名
config.addAllowedHeader("*"); // config.setAllowedOriginPatterns(Arrays.asList("*"));
config.addAllowedMethod("*"); // config.addAllowedOrigin("*");
source.registerCorsConfiguration("/**", config); // config.addAllowedHeader("*");
return new CorsFilter(source); // config.addAllowedMethod("*");
} // source.registerCorsConfiguration("/**", config);
// return new CorsFilter(source);
// }
@Override @Override
public void addResourceHandlers(ResourceHandlerRegistry registry) { public void addResourceHandlers(ResourceHandlerRegistry registry) {

47
yshop-admin/src/main/java/co/yixiang/config/CorsFilter.java Normal file
View File

@ -0,0 +1,47 @@
package co.yixiang.config;
/**
* @author LionCity
* @date Created in 2020-12-21 13:38
* @description
* @modified By
* @version:
*/
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpHeaders;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
@Component
@Order(-9999)
public class CorsFilter extends HttpFilter {
/**
*
*/
private static final long serialVersionUID = -8387103310559517243L;
@Override
protected void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException {
String origin = req.getHeader(HttpHeaders.ORIGIN);
if (!StringUtils.isEmpty(origin)){
res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, origin);
res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, "Origin, x-requested-with, Content-Type, Accept, Authorization");
res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, PUT, OPTIONS, DELETE");
res.addHeader(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma");
res.addHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, "60");
}
super.doFilter(req, res, chain);
}
}

2
yshop-admin/src/main/java/co/yixiang/modules/security/config/SecurityConfig.java
View File

@ -6,6 +6,7 @@
package co.yixiang.modules.security.config; package co.yixiang.modules.security.config;
import co.yixiang.annotation.AnonymousAccess; import co.yixiang.annotation.AnonymousAccess;
import co.yixiang.config.CorsFilter;
import co.yixiang.modules.security.security.JwtAccessDeniedHandler; import co.yixiang.modules.security.security.JwtAccessDeniedHandler;
import co.yixiang.modules.security.security.JwtAuthenticationEntryPoint; import co.yixiang.modules.security.security.JwtAuthenticationEntryPoint;
import co.yixiang.modules.security.security.TokenConfigurer; import co.yixiang.modules.security.security.TokenConfigurer;
@ -23,7 +24,6 @@ import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.filter.CorsFilter;
import org.springframework.web.method.HandlerMethod; import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.mvc.method.RequestMappingInfo; import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping; import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;