提交配置校验

portal-manager/src/main/java/com/mortals/xhx/base/framework/filter/SameSiteCookieFilter.java

@@ -34,7 +34,6 @@ public class SameSiteCookieFilter implements Filter {
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
             throws IOException, ServletException {
         HttpServletResponse httpResponse = (HttpServletResponse) response;
-        String []  allowDomain= {"localhost","192.168.0.98"};
 
         List<String> allowedOrigins = StrUtil.split(trustedReferer, ",");
        // Set allowedOrigins= new HashSet(Arrays.asList(allowDomain));
@@ -44,13 +43,13 @@ public class SameSiteCookieFilter implements Filter {
             String origin =  host.getHost();
             if (allowedOrigins.contains(origin)){
                 httpResponse.setHeader("Access-Control-Allow-Origin", originHeader);
-               // httpResponse.setContentType("application/json;charset=UTF-8");
+                httpResponse.setContentType("application/json;charset=UTF-8");
                 httpResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
                 httpResponse.setHeader("Access-Control-Max-Age", "3600");
-                httpResponse.setHeader("Access-Control-Allow-Headers", "Content-Type,Access-Token");
+                httpResponse.setHeader("Access-Control-Allow-Headers", "Content-Type,authorization,authtoken");
                 // 如果要把Cookie发到服务器，需要指定Access-Control-Allow-Credentials字段为true
                 httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
-                //httpResponse.setHeader("Access-Control-Expose-Headers", "*");
+                httpResponse.setHeader("Access-Control-Expose-Headers", "*");
             }
         }