|
|
@@ -1,5 +1,6 @@
|
|
|
package com.fdkankan.fusion.config;
|
|
|
|
|
|
+import org.apache.commons.lang3.StringUtils;
|
|
|
import org.springframework.boot.web.servlet.ServletComponentScan;
|
|
|
import org.springframework.stereotype.Component;
|
|
|
|
|
|
@@ -32,17 +33,18 @@ public class OriginFilter implements Filter {
|
|
|
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
|
|
HttpServletRequest request = (HttpServletRequest) servletRequest;
|
|
|
//指定允许其他域名访问
|
|
|
- response.setHeader("Access-Control-Allow-Origin", "*");
|
|
|
- response.setContentType("*/*");
|
|
|
+ String origin = request.getHeader("Origin");
|
|
|
+ response.setHeader("Access-Control-Allow-Origin", origin);
|
|
|
// 允许请求的方法
|
|
|
- response.setHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS,DELETE,PUT");
|
|
|
+ response.setHeader("Access-Control-Allow-Methods", "*");
|
|
|
// 多少秒内,不需要再发送预检验请求,可以缓存该结果
|
|
|
response.setHeader("Access-Control-Max-Age", "3600");
|
|
|
// 表明它允许跨域请求包含xxx头
|
|
|
- response.setHeader("Access-Control-Allow-Headers",
|
|
|
- "Origin,No-Cache,X-Requested-With,If-Modified-Since, Pragma,Last-Modified,Cache-Control,Expires,userAgent,User-Agent,version, " +
|
|
|
- " Content-Type, content-type,X-E4M-With,Authorization,token,authorization,share,Sec-Fetch-Mode,Sec-Fetch-Site,Sec-Fetch-Dest,sec-ch-ua-platform" +
|
|
|
- ",sec-ch-ua-mobile,sec-ch-ua,Referer,Host,Connection,Accept-Language,Accept-Encoding,Accept,Cookie");
|
|
|
+ String headers = request.getHeader("Access-Control-Request-Headers");
|
|
|
+ if(StringUtils.isNotBlank(headers)) {
|
|
|
+ response.setHeader("Access-Control-Allow-Headers", headers);
|
|
|
+ response.setHeader("Access-Control-Expose-Headers", headers);
|
|
|
+ }
|
|
|
response.setHeader("Access-Control-Allow-Credentials", "true");
|
|
|
response.setHeader("XDomainRequestAllowed","1");
|
|
|
if (request.getMethod().equals("OPTIONS")) {
|
lyhzzz