пре 5 месеци · be5f831dc4
--- a/src/main/java/com/fdkankan/fusion/config/OriginFilter.java
+++ b/src/main/java/com/fdkankan/fusion/config/OriginFilter.java
@@ -0,0 +1,66 @@
 
				+/**  
			
 
				+ * <p>Title: ShiroLoginFilter.java</p>  
			
 
				+ * <p>Description: </p>   
			
 
				+ * @author zengqinghua  
			
 
				+ * @date 2018年9月17日  
			
 
				+ * @version 1.0  
			
 
				+ */
			
 
				+package com.fdkankan.fusion.config;
			
 
				+
			
 
				+import org.springframework.boot.web.servlet.ServletComponentScan;
			
 
				+import org.springframework.stereotype.Component;
			
 
				+
			
 
				+import javax.servlet.*;
			
 
				+import javax.servlet.annotation.WebFilter;
			
 
				+import javax.servlet.http.HttpServletRequest;
			
 
				+import javax.servlet.http.HttpServletResponse;
			
 
				+import java.io.IOException;
			
 
				+
			
 
				+/**
			
 
				+ * @ClassName: ShiroLoginFilter
			
 
				+ * @Description: TODO
			
 
				+ * @author zengqinghua
			
 
				+ * @date 2018年9月17日
			
 
				+ */
			
 
				+
			
 
				+@Component("originFilter")
			
 
				+@ServletComponentScan
			
 
				+@WebFilter(urlPatterns = "/*", filterName = "shiroLoginFilter")
			
 
				+public class OriginFilter implements Filter {
			
 
				+
			
 
				+	private FilterConfig config = null;
			
 
				+
			
 
				+	@Override
			
 
				+	public void init(FilterConfig config) throws ServletException {
			
 
				+		this.config = config;
			
 
				+	}
			
 
				+
			
 
				+	@Override
			
 
				+	public void destroy() {
			
 
				+		this.config = null;
			
 
				+	}
			
 
				+
			
 
				+	@Override
			
 
				+	public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
			
 
				+		HttpServletResponse response = (HttpServletResponse) servletResponse;
			
 
				+		HttpServletRequest request = (HttpServletRequest) servletRequest;
			
 
				+		//指定允许其他域名访问
			
 
				+		response.setHeader("Access-Control-Allow-Origin", "*");
			
 
				+		// 允许请求的方法
			
 
				+		response.setHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS,DELETE,PUT");
			
 
				+		// 多少秒内，不需要再发送预检验请求，可以缓存该结果
			
 
				+		response.setHeader("Access-Control-Max-Age", "3600");
			
 
				+		// 表明它允许跨域请求包含xxx头
			
 
				+		response.setHeader("Access-Control-Allow-Headers",
			
 
				+				"Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires,userAgent,User-Agent,version, " +
			
 
				+				" Content-Type, content-type,X-E4M-With,Authorization,token,authorization,systemType");
			
 
				+		response.setHeader("Access-Control-Allow-Credentials", "true");
			
 
				+		if (request.getMethod().equals("OPTIONS")) {
			
 
				+			response.setStatus(200);
			
 
				+			response.getWriter().write("OPTIONS returns OK");
			
 
				+			return;
			
 
				+		}
			
 
				+		filterChain.doFilter(servletRequest, response);
			
 
				+	}
			
 
				+}
			
 
				+