Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
smart_gov_platform
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
赵啸非
smart_gov_platform
Commits
051a91c9
Commit
051a91c9
authored
Oct 10, 2024
by
赵啸非
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
提交配置校验
parent
e828e2a5
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
14 additions
and
13 deletions
+14
-13
portal-manager/src/main/java/com/mortals/xhx/base/framework/filter/SameSiteCookieFilter.java
...rtals/xhx/base/framework/filter/SameSiteCookieFilter.java
+14
-13
No files found.
portal-manager/src/main/java/com/mortals/xhx/base/framework/filter/SameSiteCookieFilter.java
View file @
051a91c9
...
@@ -32,20 +32,21 @@ public class SameSiteCookieFilter implements Filter {
...
@@ -32,20 +32,21 @@ public class SameSiteCookieFilter implements Filter {
String
[]
allowDomain
=
{
"localhost"
,
"192.168.0.98"
};
String
[]
allowDomain
=
{
"localhost"
,
"192.168.0.98"
};
Set
allowedOrigins
=
new
HashSet
(
Arrays
.
asList
(
allowDomain
));
Set
allowedOrigins
=
new
HashSet
(
Arrays
.
asList
(
allowDomain
));
String
originHeader
=((
HttpServletRequest
)
request
).
getHeader
(
"Origin"
);
String
originHeader
=((
HttpServletRequest
)
request
).
getHeader
(
"Origin"
);
if
(!
ObjectUtils
.
isEmpty
(
originHeader
)){
URI
host
=
URLUtil
.
getHost
(
new
URL
(
originHeader
));
URI
host
=
URLUtil
.
getHost
(
new
URL
(
originHeader
));
String
origin
=
host
.
getHost
();
String
origin
=
host
.
getHost
();
if
(
allowedOrigins
.
contains
(
origin
)){
if
(
allowedOrigins
.
contains
(
origin
)){
httpResponse
.
setHeader
(
"Access-Control-Allow-Origin"
,
originHeader
);
httpResponse
.
setHeader
(
"Access-Control-Allow-Origin"
,
originHeader
);
httpResponse
.
setContentType
(
"application/json;charset=UTF-8"
);
httpResponse
.
setContentType
(
"application/json;charset=UTF-8
"
);
httpResponse
.
setHeader
(
"Access-Control-Allow-Methods"
,
"POST, GET, OPTIONS, DELETE
"
);
httpResponse
.
setHeader
(
"Access-Control-Allow-Methods"
,
"POST, GET, OPTIONS, DELETE
"
);
httpResponse
.
setHeader
(
"Access-Control-Max-Age"
,
"3600
"
);
httpResponse
.
setHeader
(
"Access-Control-Max-Age"
,
"3600
"
);
httpResponse
.
setHeader
(
"Access-Control-Allow-Headers"
,
"Content-Type,Access-Token
"
);
httpResponse
.
setHeader
(
"Access-Control-Allow-Headers"
,
"Content-Type,Access-Token"
);
// 如果要把Cookie发到服务器,需要指定Access-Control-Allow-Credentials字段为true
// 如果要把Cookie发到服务器,需要指定Access-Control-Allow-Credentials字段为true
httpResponse
.
setHeader
(
"Access-Control-Allow-Credentials"
,
"true"
);
httpResponse
.
setHeader
(
"Access-Control-Allow-Credentials"
,
"true
"
);
httpResponse
.
setHeader
(
"Access-Control-Expose-Headers"
,
"*
"
);
httpResponse
.
setHeader
(
"Access-Control-Expose-Headers"
,
"*"
);
}
}
}
chain
.
doFilter
(
request
,
response
);
chain
.
doFilter
(
request
,
response
);
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
