1 week ago · 368b73a31a
--- a/ruoyi-common/src/main/java/com/ruoyi/common/filter/RestCorsFilter.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/filter/RestCorsFilter.java
@@ -24,27 +24,28 @@ public class RestCorsFilter implements Filter {
 
				         HttpServletResponse response = (HttpServletResponse) res;
			
 
				         HttpServletRequest request = (HttpServletRequest) req;
			
 
				 
			
 
				-//        岗检服务器IP：10.152.72.7，访问时就是直接IP没有域名
			
 
				-//        1、统一登录的地址（甲方系统）：http://10.152.70.21:8080/cas/login
			
 
				-//        2、岗检系统前端页面Nginx（统一登录成功后的跳转地址）：http://10.152.72.5:8181/postcheck
			
 
				-//        3、岗检系统后端接口：http://10.152.72.7:8180
			
 
				-        String[] allowDomain = {"http://10.152.70.21:8080"//CAS服务器
			
 
				-                , "http://10.152.72.7:8181"//岗检前端Nginx
			
 
				-                , "*.connc.*"
			
 
				-                //TODO 打包屏蔽-甲方部署时注释：甲方不需要本地登录功能采用单点登录
			
 
				-//                , "http://192.168.3.32:81"//前端开发
			
 
				-//                , "http://101.42.248.108:17003"//前端开发
			
 
				-//                , "http://localhost"//前端开发
			
 
				+        // 允许的来源
			
 
				+        String[] allowDomain = {
			
 
				+                "http://10.152.70.21:8080", // CAS服务器
			
 
				+                "http://10.152.72.7:8181" ,// 岗检前端Nginx
			
 
				+               // "*.cnooc.*"
			
 
				+                // TODO 打包屏蔽-甲方部署时注释：甲方不需要本地登录功能采用单点登录
			
 
				+                "http://192.168.3.32:81"  // 前端开发
			
 
				         };
			
 
				         Set<String> allowedOrigins = new HashSet<>(Arrays.asList(allowDomain));
			
 
				-        String originHeader = request.getHeader("Origin");//http://IP:port
			
 
				+        String originHeader = request.getHeader("Origin");
			
 
				+
			
 
				         if (allowedOrigins.contains(originHeader)) {
			
 
				             response.setHeader("Access-Control-Allow-Origin", originHeader);
			
 
				+            response.setHeader("Access-Control-Allow-Credentials", "true");
			
 
				+            response.setHeader("Access-Control-Allow-Methods", "POST, GET, DELETE, PUT");
			
 
				+            response.setHeader("Access-Control-Max-Age", "31536000");
			
 
				+            response.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization, X-Requested-With");
			
 
				+        } else {
			
 
				+            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
			
 
				+            return;
			
 
				         }
			
 
				-        response.setHeader("Access-Control-Allow-Credentials", "true");
			
 
				-        response.setHeader("Access-Control-Allow-Methods", "POST, GET,DELETE,PUT");
			
 
				-        response.setHeader("Access-Control-Max-Age", "31536000");
			
 
				-        response.setHeader("Access-Control-Allow-Headers", "*");
			
 
				+
			
 
				         if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
			
 
				             response.setStatus(HttpServletResponse.SC_OK);
			
 
				         } else {