提交配置校验

portal-manager/src/main/java/com/mortals/xhx/base/framework/filter/SameSiteCookieFilter.java

@@ -16,10 +16,7 @@ import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.net.URI;
 import java.net.URL;
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
+import java.util.*;
 
 @Slf4j
 @Component
@@ -52,10 +49,25 @@ public class SameSiteCookieFilter implements Filter {
                 httpResponse.setHeader("Access-Control-Expose-Headers", "*");
             }
         }
+        addSameSiteAttribute((HttpServletResponse) response);
 
         chain.doFilter(request, response);
     }
 
+
+    private void addSameSiteAttribute(HttpServletResponse response) {
+        Collection<String> headers = response.getHeaders("Set-Cookie");
+        boolean firstHeader = true;
+        for (String header : headers) {
+            if (firstHeader) {
+                response.setHeader("Set-Cookie", String.format("%s; %s", header, "SameSite=Strict"));
+                firstHeader = false;
+                continue;
+            }
+            response.addHeader("Set-Cookie", String.format("%s; %s", header, "SameSite=Strict"));
+        }
+    }
+
     @Override
     public void init(FilterConfig filterConfig) throws ServletException {}
 

portal-manager/src/main/java/com/mortals/xhx/base/framework/interceptor/AuthUserInterceptor.java

@@ -27,6 +27,7 @@ import org.springframework.util.ObjectUtils;
 import org.springframework.web.method.HandlerMethod;
 import org.springframework.web.servlet.resource.ResourceHttpRequestHandler;
 
+import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.lang.reflect.Method;
@@ -93,6 +94,7 @@ public class AuthUserInterceptor extends BaseInterceptor {
                 }
             }
         }
+
 //Origin