WxxyDeveloper/JSL_OrganizeInternalOA
9
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: 跨域维护

Browse Source
This commit is contained in:
筱锋xiao_lfeng 2024-01-19 23:44:21 +08:00
parent c49c96290a
commit 1ba0b73ac7
Signed by: XiaoLFeng
GPG Key ID: F693AA12AABBFA87
2 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/main/java/com/jsl/oa/config/filter/CorsFilter.java
View File

@ -1,6 +1,7 @@
package com.jsl.oa.config.filter;
import lombok.extern.slf4j.Slf4j;
import org.jetbrains.annotations.NotNull;
import org.springframework.stereotype.Component;
import javax.servlet.*;
@ -15,8 +16,8 @@ public class CorsFilter implements Filter {
HttpServletResponse response = (HttpServletResponse) res;
HttpServletRequest request = (HttpServletRequest) req;
// 允许跨域请求
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
// 设置请求头
setHeader(response);
try {
chain.doFilter(request, response);
@ -25,10 +26,22 @@ public class CorsFilter implements Filter {
}
}
public void init(FilterConfig filterConfig) {}
public void init(FilterConfig filterConfig) {
}
public void destroy() {
Filter.super.destroy();
}
protected static void setHeader(@NotNull HttpServletResponse response) {
// 允许跨域请求
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Credentials", "true");
//允许请求方式
response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
//需要放行header头部字段 如需鉴权字段自行添加如Authorization
response.setHeader("Access-Control-Allow-Headers", "*");
}
}

2
src/main/java/com/jsl/oa/config/filter/JwtFilter.java
View File

@ -66,7 +66,7 @@ public class JwtFilter extends BasicHttpAuthenticationFilter {
protected boolean onAccessDenied(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
// 添加跨域禁止
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
CorsFilter.setHeader(httpServletResponse);
// 程序执行
try {
// 尝试获取Authorization Header