提交配置校验

9ff6fa97 · 赵啸非 · 051a91c9 · 9ff6fa97
Commit 9ff6fa97 authored Oct 10, 2024 by 赵啸非
Show whitespace changes
Inline Side-by-side

Showing with 8 additions and 1 deletion

portal-manager/src/main/java/com/mortals/xhx/base/framework/filter/SameSiteCookieFilter.java ...rtals/xhx/base/framework/filter/SameSiteCookieFilter.java +8 -1

No files found.
--- a/portal-manager/src/main/java/com/mortals/xhx/base/framework/filter/SameSiteCookieFilter.java
+++ b/portal-manager/src/main/java/com/mortals/xhx/base/framework/filter/SameSiteCookieFilter.java
@@ -4,6 +4,7 @@ import cn.hutool.core.util.StrUtil;
 import cn.hutool.core.util.URLUtil;
 import cn.hutool.http.HttpStatus;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Profile;
 import org.springframework.stereotype.Component;
 import org.springframework.util.ObjectUtils;
@@ -25,12 +26,18 @@ import java.util.Set;
 @Profile({"yanyuan", "test"})
 public class SameSiteCookieFilter implements Filter {
+    @Value("${trustedReferer:''}")
+    private String trustedReferer;
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        String []  allowDomain= {"localhost","192.168.0.98"};
-        Set allowedOrigins= new HashSet(Arrays.asList(allowDomain));
+        List<String> allowedOrigins = StrUtil.split(trustedReferer, ",");
+       // Set allowedOrigins= new HashSet(Arrays.asList(allowDomain));
        String originHeader=((HttpServletRequest) request).getHeader("Origin");
        if(!ObjectUtils.isEmpty(originHeader)){
            URI host = URLUtil.getHost(new URL(originHeader));