mirror of https://github.com/halo-dev/halo
Refactor Cors configuration
johnniang
parent
b66637a6c8
commit
ef38480dd7
|
|
@ -1,15 +1,18 @@
|
||||||
package cc.ryanc.halo.config;
|
package cc.ryanc.halo.config;
|
||||||
|
|
||||||
|
import cc.ryanc.halo.filter.CorsFilter;
|
||||||
import cc.ryanc.halo.web.interceptor.ApiInterceptor;
|
import cc.ryanc.halo.web.interceptor.ApiInterceptor;
|
||||||
import cc.ryanc.halo.web.interceptor.InstallInterceptor;
|
import cc.ryanc.halo.web.interceptor.InstallInterceptor;
|
||||||
import cc.ryanc.halo.web.interceptor.LocaleInterceptor;
|
import cc.ryanc.halo.web.interceptor.LocaleInterceptor;
|
||||||
import cc.ryanc.halo.web.interceptor.LoginInterceptor;
|
import cc.ryanc.halo.web.interceptor.LoginInterceptor;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.boot.web.servlet.FilterRegistrationBean;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.ComponentScan;
|
import org.springframework.context.annotation.ComponentScan;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.context.annotation.PropertySource;
|
import org.springframework.context.annotation.PropertySource;
|
||||||
|
import org.springframework.core.Ordered;
|
||||||
import org.springframework.web.servlet.LocaleResolver;
|
import org.springframework.web.servlet.LocaleResolver;
|
||||||
import org.springframework.web.servlet.config.annotation.*;
|
import org.springframework.web.servlet.config.annotation.*;
|
||||||
import org.springframework.web.servlet.i18n.LocaleChangeInterceptor;
|
import org.springframework.web.servlet.i18n.LocaleChangeInterceptor;
|
||||||
|
|
@ -92,24 +95,40 @@ public class WebMvcAutoConfiguration implements WebMvcConfigurer {
|
||||||
.addResourceLocations("file:///" + System.getProperties().getProperty("user.home") + "/halo/backup/");
|
.addResourceLocations("file:///" + System.getProperties().getProperty("user.home") + "/halo/backup/");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// /**
|
||||||
|
// * 跨域
|
||||||
|
// *
|
||||||
|
// * @param registry registry
|
||||||
|
// */
|
||||||
|
// @Override
|
||||||
|
// public void addCorsMappings(CorsRegistry registry) {
|
||||||
|
// registry.addMapping("/api/**")
|
||||||
|
// .allowedHeaders("*")
|
||||||
|
// .allowedOrigins("*")
|
||||||
|
// .allowedMethods("GET", "POST")
|
||||||
|
// .exposedHeaders("access-control-allow-headers",
|
||||||
|
// "access-control-allow-methods",
|
||||||
|
// "access-control-allow-origin",
|
||||||
|
// "access-control-max-age",
|
||||||
|
// "X-Frame-Options",
|
||||||
|
// "token")
|
||||||
|
// .allowCredentials(false).maxAge(3600);
|
||||||
|
// }
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 跨域
|
* Creates a CorsFilter.
|
||||||
*
|
*
|
||||||
* @param registry registry
|
* @return Cors filter registration bean
|
||||||
*/
|
*/
|
||||||
@Override
|
@Bean
|
||||||
public void addCorsMappings(CorsRegistry registry) {
|
FilterRegistrationBean<CorsFilter> corsFilter() {
|
||||||
registry.addMapping("/api/**")
|
FilterRegistrationBean<CorsFilter> corsFilter = new FilterRegistrationBean<>();
|
||||||
.allowedHeaders("*")
|
|
||||||
.allowedOrigins("*")
|
corsFilter.setOrder(Ordered.HIGHEST_PRECEDENCE);
|
||||||
.allowedMethods("GET", "POST")
|
corsFilter.setFilter(new CorsFilter());
|
||||||
.exposedHeaders("access-control-allow-headers",
|
corsFilter.addUrlPatterns("/api/*");
|
||||||
"access-control-allow-methods",
|
|
||||||
"access-control-allow-origin",
|
return corsFilter;
|
||||||
"access-control-max-age",
|
|
||||||
"X-Frame-Options",
|
|
||||||
"token")
|
|
||||||
.allowCredentials(false).maxAge(3600);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,37 @@
|
||||||
|
package cc.ryanc.halo.filter;
|
||||||
|
|
||||||
|
import org.springframework.http.HttpHeaders;
|
||||||
|
import org.springframework.web.cors.CorsUtils;
|
||||||
|
import org.springframework.web.filter.OncePerRequestFilter;
|
||||||
|
|
||||||
|
import javax.servlet.FilterChain;
|
||||||
|
import javax.servlet.ServletException;
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import javax.servlet.http.HttpServletResponse;
|
||||||
|
import java.io.IOException;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Filter for CORS.
|
||||||
|
*
|
||||||
|
* @author johnniang
|
||||||
|
*/
|
||||||
|
public class CorsFilter extends OncePerRequestFilter {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
|
||||||
|
|
||||||
|
// Set customized header
|
||||||
|
httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, "*");
|
||||||
|
httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, "*");
|
||||||
|
httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, PUT, DELETE, OPTION");
|
||||||
|
httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "false");
|
||||||
|
httpServletResponse.setHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, "3600");
|
||||||
|
|
||||||
|
if (CorsUtils.isPreFlightRequest(httpServletRequest)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
filterChain.doFilter(httpServletRequest, httpServletResponse);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue