1

src/main/java/com/fdkankan/tk/config/OriginFilter.java

@@ -34,33 +34,25 @@ public class OriginFilter implements Filter {
 	@Override
 	public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
 
-		HttpServletRequest request = (HttpServletRequest) servletRequest;
 		HttpServletResponse response = (HttpServletResponse) servletResponse;
-		response.setHeader("x-frame-options", "SAMEORIGIN");
-		// 不使用*，自动适配跨域域名，避免携带Cookie时失效
-		String origin = request.getHeader("Origin");
-		log.info(origin);
-		if (StringUtils.isNotBlank(origin)) {
-			response.setHeader("Access-Control-Allow-Origin", origin);
-		}
-		// 自适应所有自定义头
-		String headers = request.getHeader("Access-Control-Request-Headers");
-		if(StringUtils.isNotBlank(headers)) {
-			response.setHeader("Access-Control-Allow-Headers", headers);
-			response.setHeader("Access-Control-Expose-Headers", headers);
-		}
-		// 允许跨域的请求方法类型
-		response.setHeader("Access-Control-Allow-Methods", "*");
-		// 预检命令（OPTIONS）缓存时间，单位：秒
+		HttpServletRequest request = (HttpServletRequest) servletRequest;
+		//指定允许其他域名访问
+		response.setHeader("Access-Control-Allow-Origin", "*");
+		// 允许请求的方法
+		response.setHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS,DELETE,PUT");
+		// 多少秒内，不需要再发送预检验请求，可以缓存该结果
 		response.setHeader("Access-Control-Max-Age", "3600");
-		// 明确许可客户端发送Cookie，不允许删除字段即可
+		// 表明它允许跨域请求包含xxx头
+		response.setHeader("Access-Control-Allow-Headers",
+				"Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires,userAgent,User-Agent,version, " +
+						" Content-Type, content-type,X-E4M-With,Authorization,token,authorization");
 		response.setHeader("Access-Control-Allow-Credentials", "true");
 		if (request.getMethod().equals("OPTIONS")) {
 			response.setStatus(200);
 			response.getWriter().write("OPTIONS returns OK");
 			return;
 		}
-		filterChain.doFilter(request, response);
+		filterChain.doFilter(servletRequest, response);
 	}
 }