Thirdparty
/
wvp-GB28181-pro
mirror of https://github.com/648540858/wvp-GB28181-pro
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

优化跨域配置,默认允许全部跨域

2.6.9
648540858 2024-01-31 17:23:47 +08:00
parent ab34cb37f3
commit 68fbc8fef1
3 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
View File

@ -1,12 +1,12 @@
package com.genersoft.iot.vmp.conf.security; package com.genersoft.iot.vmp.conf.security;
import com.genersoft.iot.vmp.conf.UserSetting; import com.genersoft.iot.vmp.conf.UserSetting;
import org.springframework.core.annotation.Order;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider; import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
@ -25,6 +25,7 @@ import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collections;
/** /**
* Spring Security * Spring Security
@ -129,8 +130,14 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
corsConfiguration.setAllowedHeaders(Arrays.asList("*")); corsConfiguration.setAllowedHeaders(Arrays.asList("*"));
corsConfiguration.setAllowedMethods(Arrays.asList("*")); corsConfiguration.setAllowedMethods(Arrays.asList("*"));
corsConfiguration.setMaxAge(3600L); corsConfiguration.setMaxAge(3600L);
corsConfiguration.setAllowCredentials(true); if (userSetting.getAllowedOrigins() != null && !userSetting.getAllowedOrigins().isEmpty()) {
corsConfiguration.setAllowedOrigins(userSetting.getAllowedOrigins()); corsConfiguration.setAllowCredentials(true);
corsConfiguration.setAllowedOrigins(userSetting.getAllowedOrigins());
}else {
corsConfiguration.setAllowCredentials(false);
corsConfiguration.setAllowedOrigins(Collections.singletonList(CorsConfiguration.ALL));
}
corsConfiguration.setExposedHeaders(Arrays.asList(JwtUtils.getHeader())); corsConfiguration.setExposedHeaders(Arrays.asList(JwtUtils.getHeader()));
UrlBasedCorsConfigurationSource url = new UrlBasedCorsConfigurationSource(); UrlBasedCorsConfigurationSource url = new UrlBasedCorsConfigurationSource();

2
src/main/resources/all-application.yml
View File

@ -237,7 +237,7 @@ user-settings:
register-again-after-time: 60 register-again-after-time: 60
# 国标续订方式true为续订每次注册在同一个会话里false为重新注册每次使用新的会话 # 国标续订方式true为续订每次注册在同一个会话里false为重新注册每次使用新的会话
register-keep-int-dialog: false register-keep-int-dialog: false
# 跨域配置,配置你访问前端页面的地址即可 可以配置多个 # 跨域配置,不配置此项则允许所有跨域请求,配置后则只允许配置的页面的地址请求 可以配置多个
allowed-origins: allowed-origins:
- http://localhost:8008 - http://localhost:8008
- http://192.168.1.3:8008 - http://192.168.1.3:8008

4
src/main/resources/application-dev.yml
View File

@ -110,10 +110,6 @@ user-settings:
auto-apply-play: true auto-apply-play: true
# 设备/通道状态变化时发送消息 # 设备/通道状态变化时发送消息
device-status-notify: true device-status-notify: true
# 跨域配置,配置你访问前端页面的地址即可, 可以配置多个
allowed-origins:
- http://localhost:8080
- http://127.0.0.1:8080
# [可选] 日志配置, 一般不需要改 # [可选] 日志配置, 一般不需要改
logging: logging:
config: classpath:logback-spring-local.xml config: classpath:logback-spring-local.xml