Skip to content

孙克 / smf-core

转到一个项目
切换导航栏
切换导航栏固定状态
Commit 2e65e140 sunke
选项

跨域

1 个父辈 e9503f4b
内嵌 并排
正在显示 3 个修改的文件 包含 73 行增加30 行删除
src/main/java/com/neotel/smfcore/core/device/rest/DeviceController.java
package com.neotel.smfcore.core.device.rest;
import com.neotel.smfcore.security.annotation.AnonymousAccess;
import com.neotel.smfcore.security.annotation.AnonymousPostMapping;
import com.neotel.smfcore.core.storage.enums.DeviceType;
import com.neotel.smfcore.core.device.handler.IDeviceHandler;
......@@ -22,7 +23,6 @@ import java.util.Map;
@Slf4j
@RestController
@RequestMapping("/service/store")
@Api(tags = "设备通信")
public class DeviceController {
......@@ -39,8 +39,9 @@ public class DeviceController {
}
@ApiOperation("客户端定时通信接口")
@AnonymousPostMapping(value = "/communication")
@PostMapping(value = "/service/store/communication")
@ResponseBody
@AnonymousAccess
public StatusBean communication(@RequestBody final StatusBean statusBean, HttpServletRequest request) {
try {
String cid = statusBean.getCid();
......
src/main/java/com/neotel/smfcore/security/config/CorsConfig.java deleted 100644 → 0
package com.neotel.smfcore.security.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
/**
* Created by sunke on 2021/8/6.
*/
@Configuration
public class CorsConfig implements WebMvcConfigurer {
/**
* 开启跨域
*/
@Override
public void addCorsMappings(CorsRegistry registry) {
// 设置允许跨域的路由
registry.addMapping("/**")
// 设置允许跨域请求的域名
.allowedOriginPatterns("*")
// 是否允许证书(cookies)
.allowCredentials(true)
// 设置允许的方法
.allowedMethods("*")
// 跨域允许时间
.maxAge(3600);
}
}
src/main/java/com/neotel/smfcore/security/config/CorsFilter.java 0 → 100644
package com.neotel.smfcore.security.config;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.apache.logging.log4j.util.Strings;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
@Component
@WebFilter(urlPatterns = "/*")
@Order(-99999)
@Slf4j
public class CorsFilter extends HttpFilter {
/**
*
*/
private static final long serialVersionUID = 2386571986045107652L;
private static final String OPTIONS_METHOD = "OPTIONS";
@Override
protected void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException {
String origin = req.getHeader(HttpHeaders.ORIGIN);
String repOrigin = res.getHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN);
if (Strings.isNotBlank(origin) && Strings.isNotBlank(repOrigin)) {
// 允许客户端的域
res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, origin);
// 允许客户端提交的Header
String requestHeaders = req.getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS);
if (!StringUtils.isEmpty(requestHeaders)) {
res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders);
}
// 允许客户端访问的Header
res.addHeader(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "*");
// 允许客户端携带凭证信息
res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
// 允许客户端请求方法
res.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, PUT, OPTIONS, DELETE");
if (OPTIONS_METHOD.equalsIgnoreCase(req.getMethod())) {
res.setStatus(HttpServletResponse.SC_NO_CONTENT);
res.setContentType(MediaType.TEXT_HTML_VALUE);
res.setCharacterEncoding("utf-8");
res.setContentLength(0);
res.addHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, "1800");
return;
}
}
super.doFilter(req, res, chain);
}
}
\ No newline at end of file
支持 Markdown 格式
你添加了 0 到此讨论。请谨慎行事。
Finish editing this message first!