Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
smart_gov_platform
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
赵啸非
smart_gov_platform
Commits
431bff63
Commit
431bff63
authored
Oct 09, 2024
by
赵啸非
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
提交配置校验
parent
5b76a222
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
24 additions
and
10 deletions
+24
-10
base-manager/src/main/java/com/mortals/xhx/base/framework/filter/SameSiteCookieFilter.java
...rtals/xhx/base/framework/filter/SameSiteCookieFilter.java
+14
-10
base-manager/src/test/java/com/mortals/httpclient/system/system.http
...r/src/test/java/com/mortals/httpclient/system/system.http
+10
-0
No files found.
base-manager/src/main/java/com/mortals/xhx/base/framework/filter/SameSiteCookieFilter.java
View file @
431bff63
...
@@ -41,17 +41,21 @@ public class SameSiteCookieFilter implements Filter {
...
@@ -41,17 +41,21 @@ public class SameSiteCookieFilter implements Filter {
}
}
//cors
//cors
String
referer
=
httpRequest
.
getHeader
(
"Referer"
);
String
referer
=
httpRequest
.
getHeader
(
"Referer"
);
if
(
ObjectUtils
.
isEmpty
(
referer
))
chain
.
doFilter
(
request
,
response
);
if
(
ObjectUtils
.
isEmpty
(
referer
)){
referer
=
StrUtil
.
removeSuffix
(
referer
,
"/"
);
List
<
String
>
trustReferers
=
StrUtil
.
split
(
trustedReferer
,
","
);
if
(
ObjectUtils
.
isEmpty
(
trustReferers
))
chain
.
doFilter
(
request
,
response
);
if
(
trustReferers
.
contains
(
referer
))
{
chain
.
doFilter
(
request
,
response
);
chain
.
doFilter
(
request
,
response
);
}
else
{
}
else
{
httpResponse
.
sendError
(
HttpServletResponse
.
SC_FORBIDDEN
,
"CSRF protection"
);
referer
=
StrUtil
.
removeSuffix
(
referer
,
"/"
);
List
<
String
>
trustReferers
=
StrUtil
.
split
(
trustedReferer
,
","
);
if
(
ObjectUtils
.
isEmpty
(
trustReferers
)){
chain
.
doFilter
(
request
,
response
);
}
else
{
if
(
trustReferers
.
contains
(
referer
))
{
chain
.
doFilter
(
request
,
response
);
}
else
{
httpResponse
.
sendError
(
HttpServletResponse
.
SC_FORBIDDEN
,
"CSRF protection"
);
}
}
}
}
chain
.
doFilter
(
request
,
response
);
chain
.
doFilter
(
request
,
response
);
}
}
...
...
base-manager/src/test/java/com/mortals/httpclient/system/system.http
View file @
431bff63
...
@@ -261,3 +261,13 @@ Content-Type: application/json
...
@@ -261,3 +261,13 @@ Content-Type: application/json
{}
{}
###参数信息更新与保存
POST http://192.168.0.98:8090/basics_api/zwfw/page/bury/save
Content-Type: application/json
{
"name":"upd19g"
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
