跨域方法 支持重定向

跨域方法 支持重定向

Signed-off-by: 高雄 <admin@cxcp.com>
pull/193/head
高雄 2023-07-28 06:42:13 +00:00 committed by Gitee
parent 3da330341f
commit ccaba78e8d
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
1 changed files with 33 additions and 4 deletions

View File

@ -30,8 +30,11 @@ import javax.servlet.http.HttpServletResponse;
import java.awt.image.RenderedImage;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.text.SimpleDateFormat;
import java.util.Arrays;
import java.util.Date;
@ -63,6 +66,7 @@ public class OnlinePreviewController {
@GetMapping( "/onlinePreview")
public String onlinePreview(String url, Model model, HttpServletRequest req) {
String fileUrl;
try {
fileUrl = WebUtils.decodeUrl(url);
@ -121,6 +125,7 @@ public class OnlinePreviewController {
}
HttpURLConnection urlcon = null;
InputStream inputStream = null;
String urlStr;
assert urlPath != null;
if (!urlPath.toLowerCase().startsWith("http") && !urlPath.toLowerCase().startsWith("https") && !urlPath.toLowerCase().startsWith("ftp")) {
logger.info("读取跨域文件异常可能存在非法访问urlPath{}", urlPath);
@ -135,19 +140,43 @@ public class OnlinePreviewController {
urlcon.setReadTimeout(30000);
urlcon.setInstanceFollowRedirects(false);
int responseCode = urlcon.getResponseCode();
if ( responseCode == 403 || responseCode == 500) { //403 500
logger.error("读取跨域文件异常url{},错误:{}", urlPath,responseCode);
return ;
}
if (responseCode == HttpURLConnection.HTTP_MOVED_PERM || responseCode == HttpURLConnection.HTTP_MOVED_TEMP) { //301 302
url =new URL(urlcon.getHeaderField("Location"));
urlcon=(HttpURLConnection)url.openConnection();
} if (responseCode == 404 ) { //404
try {
urlStr = URLDecoder.decode(urlPath, StandardCharsets.UTF_8.name());
urlStr = URLDecoder.decode(urlStr, StandardCharsets.UTF_8.name());
url = WebUtils.normalizedURL(urlStr);
urlcon=(HttpURLConnection)url.openConnection();
urlcon.setConnectTimeout(30000);
urlcon.setReadTimeout(30000);
urlcon.setInstanceFollowRedirects(false);
responseCode = urlcon.getResponseCode();
if (responseCode == HttpURLConnection.HTTP_MOVED_PERM || responseCode == HttpURLConnection.HTTP_MOVED_TEMP) { //301 302
url =new URL(urlcon.getHeaderField("Location"));
}
if(responseCode == 404 ||responseCode == 403 || responseCode == 500 ){
logger.error("读取跨域文件异常url{},错误:{}", urlPath,responseCode);
return ;
}
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}finally {
assert urlcon != null;
urlcon.disconnect();
}
}
if (responseCode == HttpURLConnection.HTTP_NOT_FOUND ||responseCode == HttpURLConnection.HTTP_FORBIDDEN || responseCode == HttpURLConnection.HTTP_INTERNAL_ERROR ) { //403 404 500
logger.error("读取跨域文件异常url{},错误:{}", urlPath,responseCode);
} else {
if(urlPath.contains( ".svg")) {
response.setContentType("image/svg+xml");
}
inputStream=(url).openStream();
IOUtils.copy(inputStream, response.getOutputStream());
}
} catch (IOException | GalimatiasParseException e) {
logger.error("读取跨域文件异常url{}", urlPath);
} finally {