添加https以及释放UA的限制以及跨域的限制

zksy-admin/src/main/java/com/zksy/config/CorsFilterConfig.java

@@ -0,0 +1,19 @@
+package com.zksy.config;
+
+import com.zksy.filter.CorsFilter;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class CorsFilterConfig {
+
+    @Bean
+    public FilterRegistrationBean<CorsFilter> corsFilterBean() {
+        FilterRegistrationBean<CorsFilter> registrationBean = new FilterRegistrationBean<>();
+        registrationBean.setFilter(new CorsFilter());
+        registrationBean.addUrlPatterns("/*");
+        registrationBean.setOrder(0);
+        return registrationBean;
+    }
+}

zksy-admin/src/main/java/com/zksy/config/WebConfig.java

@@ -0,0 +1,18 @@
+package com.zksy.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class WebConfig implements WebMvcConfigurer {
+    @Override
+    public void addCorsMappings(CorsRegistry registry) {
+        //允许所有请求跨域
+        registry.addMapping("/**")
+                .allowedOriginPatterns("*")
+                .allowedMethods("*")
+                .allowedHeaders("*")
+                .allowCredentials(true);
+    }
+}

zksy-admin/src/main/java/com/zksy/filter/CorsFilter.java

@@ -0,0 +1,35 @@
+package com.zksy.filter;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+public class CorsFilter implements Filter {
+
+    @Override
+    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
+        HttpServletResponse response = (HttpServletResponse) res;
+        HttpServletRequest request = (HttpServletRequest) req;
+
+        response.setHeader("Access-Control-Allow-Origin", "*");
+        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT");
+        response.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization, X-Requested-With");
+        response.setHeader("Access-Control-Allow-Credentials", "true");
+        response.setHeader("Access-Control-Max-Age", "3600");
+
+        if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
+            response.setStatus(HttpServletResponse.SC_OK);
+        } else {
+            chain.doFilter(req, res);
+        }
+    }
+
+    @Override
+    public void init(FilterConfig filterConfig) {
+    }
+
+    @Override
+    public void destroy() {
+    }
+}

zksy-admin/src/main/resources/application.yml

@@ -15,7 +15,7 @@ server:
 #        whitelabel:
 #          enabled: false
     # 应用的访问路径
-    context-path: /
+    context-path: /qyxyfjflserver
   tomcat:
     # tomcat的URI编码
     uri-encoding: UTF-8

zksy-framework/src/main/java/com/zksy/framework/config/ResourcesConfig.java

@@ -10,6 +10,7 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 import org.springframework.web.filter.CorsFilter;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@@ -112,4 +113,5 @@ public class ResourcesConfig implements WebMvcConfigurer {
         // 返回新的CorsFilter
         return new CorsFilter(source);
     }
+
 }

zksy-framework/src/main/java/com/zksy/framework/interceptor/ComfirmClientInterceptor.java

@@ -33,21 +33,21 @@ public class ComfirmClientInterceptor implements HandlerInterceptor {
             response.getWriter().write(objectMapper.writeValueAsString(Response.error(403,"不准请求")));
             return false;
         }
-        String ua = request.getHeader("User-Agent");
-        if(StringUtils.isEmpty(ua) || !isBrowser(ua)){
-            response.setStatus(403);
-            response.setContentType("text/html;charset=UTF-8");
-            response.getWriter().write(objectMapper.writeValueAsString(Response.error(403,"不准请求")));
-            return false;
-        }
+//        String ua = request.getHeader("User-Agent");
+//        if(StringUtils.isEmpty(ua) || !isBrowser(ua)){
+//            response.setStatus(403);
+//            response.setContentType("text/html;charset=UTF-8");
+//            response.getWriter().write(objectMapper.writeValueAsString(Response.error(403,"不准请求")));
+//            return false;
+//        }
         return true;
     }
 
-    private boolean isBrowser(String userAgent) {
-        return userAgent.contains("Mozilla") &&
-                (userAgent.contains("Chrome") ||
-                        userAgent.contains("Safari") ||
-                        userAgent.contains("Firefox") ||
-                        userAgent.contains("Opera"));
-    }
+//    private boolean isBrowser(String userAgent) {
+//        return userAgent.contains("Mozilla") &&
+//                (userAgent.contains("Chrome") ||
+//                        userAgent.contains("Safari") ||
+//                        userAgent.contains("Firefox") ||
+//                        userAgent.contains("Opera"));
+//    }
 }