diff --git a/src/main/java/cc/ryanc/halo/filter/CorsFilter.java b/src/main/java/cc/ryanc/halo/filter/CorsFilter.java index 9cceef8aa..1c7b0d68b 100644 --- a/src/main/java/cc/ryanc/halo/filter/CorsFilter.java +++ b/src/main/java/cc/ryanc/halo/filter/CorsFilter.java @@ -21,7 +21,7 @@ public class CorsFilter extends OncePerRequestFilter { protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException { // Set customized header - httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, "*"); + httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, httpServletRequest.getHeader(HttpHeaders.ORIGIN)); httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, "*"); httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, PUT, DELETE, OPTION"); httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true"); diff --git a/src/main/java/cc/ryanc/halo/security/handler/DefaultAuthenticationFailureHandler.java b/src/main/java/cc/ryanc/halo/security/handler/DefaultAuthenticationFailureHandler.java index 091bb8ea6..64f988cc5 100644 --- a/src/main/java/cc/ryanc/halo/security/handler/DefaultAuthenticationFailureHandler.java +++ b/src/main/java/cc/ryanc/halo/security/handler/DefaultAuthenticationFailureHandler.java @@ -35,6 +35,7 @@ public class DefaultAuthenticationFailureHandler implements AuthenticationFailur @Override public void onFailure(HttpServletRequest request, HttpServletResponse response, HaloException exception) throws IOException, ServletException { log.warn("Handle unsuccessful authentication, ip: [{}]", ServletUtil.getClientIP(request)); + log.error("Authentication failure", exception); BaseResponse errorDetail = new BaseResponse<>(); @@ -46,8 +47,6 @@ public class DefaultAuthenticationFailureHandler implements AuthenticationFailur errorDetail.setDevMessage(ExceptionUtils.getStackTrace(exception)); } - log.debug("Response error: [{}]", errorDetail); - response.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE); response.setStatus(exception.getStatus().value()); response.getWriter().write(objectMapper.writeValueAsString(errorDetail));