dromara/RuoYi-Cloud-Plus
1
0
Fork 0
mirror of https://gitee.com/dromara/RuoYi-Cloud-Plus.git synced 2026-01-13 07:05:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

!149 优化代码格式

Browse Source 
Merge pull request !149 from AprilWind/feat/dev-docs
This commit is contained in:
疯狂的狮子Li
2024-01-19 09:51:36 +00:00
committed by Gitee
parent e3da1f06bb c5bb1029f6
commit 15dfc2074a
35 changed files with 332 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ruoyi-gateway/src/main/java/org/dromara/gateway/config/properties/IgnoreWhiteProperties.java
View File

@@ -21,6 +21,7 @@ import java.util.List;
@RefreshScope
@ConfigurationProperties(prefix = "security.ignore")
public class IgnoreWhiteProperties {
/**
* 放行白名单配置,网关不校验此处的白名单
*/

1
ruoyi-gateway/src/main/java/org/dromara/gateway/config/properties/XssProperties.java
View File

@@ -18,6 +18,7 @@ import java.util.List;
@RefreshScope
@ConfigurationProperties(prefix = "security.xss")
public class XssProperties {
/**
* Xss开关
*/

25
ruoyi-gateway/src/main/java/org/dromara/gateway/filter/GlobalCorsFilter.java
View File

@@ -26,14 +26,38 @@ public class GlobalCorsFilter implements WebFilter, Ordered {
* 这里为支持的请求头如果有自定义的header字段请自己添加
*/
private static final String ALLOWED_HEADERS = "X-Requested-With, Content-Language, Content-Type, Authorization, clientid, credential, X-XSRF-TOKEN, isToken, token, Admin-Token, App-Token";
/**
* 允许的请求方法
*/
private static final String ALLOWED_METHODS = "GET,POST,PUT,DELETE,OPTIONS,HEAD";
/**
* 允许的请求来源,使用 * 表示允许任何来源
*/
private static final String ALLOWED_ORIGIN = "*";
/**
* 允许前端访问的响应头,使用 * 表示允许任何响应头
*/
private static final String ALLOWED_EXPOSE = "*";
/**
* 预检请求的缓存时间,单位为秒(此处设置为 5 小时)
*/
private static final String MAX_AGE = "18000L";
/**
* 实现跨域配置的 Web 过滤器
*
* @param exchange ServerWebExchange 对象,表示一次 Web 交换
* @param chain WebFilterChain 对象,表示一组 Web 过滤器链
* @return Mono<Void> 表示异步的过滤器链处理结果
*/
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
ServerHttpRequest request = exchange.getRequest();
// 判断请求是否为跨域请求
if (CorsUtils.isCorsRequest(request)) {
ServerHttpResponse response = exchange.getResponse();
HttpHeaders headers = response.getHeaders();
@@ -43,6 +67,7 @@ public class GlobalCorsFilter implements WebFilter, Ordered {
headers.add("Access-Control-Expose-Headers", ALLOWED_EXPOSE);
headers.add("Access-Control-Max-Age", MAX_AGE);
headers.add("Access-Control-Allow-Credentials", "true");
// 处理预检请求的 OPTIONS 方法,直接返回成功状态码
if (request.getMethod() == HttpMethod.OPTIONS) {
response.setStatusCode(HttpStatus.OK);
return Mono.empty();