眼度-新项目
blame | 历史 | 原始文档
无关风月
2025-01-02 7cdea9831fa9b97fe672073abbe80d30edab0ae0 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

package com.jilongda.common.security.filter;


 


import com.aliyun.oss.HttpMethod;


import com.baomidou.mybatisplus.core.toolkit.CollectionUtils;


import com.baomidou.mybatisplus.core.toolkit.StringUtils;


import com.google.common.net.HttpHeaders;


import lombok.extern.slf4j.Slf4j;


import org.mybatis.logging.LoggerFactory;


 


import javax.servlet.*;


import javax.servlet.annotation.WebFilter;


import javax.servlet.http.HttpServletRequest;


import javax.servlet.http.HttpServletResponse;


import java.io.IOException;


import java.util.Arrays;


import java.util.List;


import java.util.logging.Logger;


 


@Slf4j


@WebFilter(urlPatterns = {"/*"}, filterName = "corsFilter")


public class CorsFilter implements Filter {


//    private static final Logger logger = LoggerFactory.getLogger(IsvSearchController.class);


 


    private String allowOrigin = "*";


 


    @Override


    public void init(FilterConfig filterConfig) throws ServletException {


 


    }


 


    @Override


    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {


//        logger.info("doFilter start ...");


        HttpServletRequest request = (HttpServletRequest) servletRequest;


        HttpServletResponse response = (HttpServletResponse) servletResponse;


        if (StringUtils.isNotEmpty(allowOrigin)) {


            List<String> allowOriginList = Arrays.asList(allowOrigin.split(","));


            if (!CollectionUtils.isEmpty(allowOriginList)) {


                String currentOrigin = request.getHeader("Origin");


                if (allowOriginList.contains(currentOrigin)) {


                    response.setHeader("Access-Control-Allow-Origin", currentOrigin);


                }


            }


        }


        response.setHeader("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,OPTIONS");


        response.setHeader("Access-Control-Allow-Credentials", "true");


        response.setHeader("Access-Control-Allow-Origin", "*");


        response.setHeader("Access-Control-Allow-Headers", "content-Type");


        if (HttpMethod.OPTIONS.name().equalsIgnoreCase(request.getMethod()) &&/*options 请求返回允许跨域的头*/


                request.getHeader(HttpHeaders.ORIGIN) != null) {


//            logger.info("doFilter options request");


            return;


        }


        filterChain.doFilter(servletRequest, servletResponse);


    }


 


    @Override


    public void destroy() {


 


    }


}