|
@@ -19,13 +19,6 @@ server:
|
|
|
enabled: true
|
|
enabled: true
|
|
|
mime-types: application/json,application/xml,text/html,text/xml,text/plain,application/javascript,text/css,font/woff2
|
|
mime-types: application/json,application/xml,text/html,text/xml,text/plain,application/javascript,text/css,font/woff2
|
|
|
|
|
|
|
|
-
|
|
|
|
|
-
|
|
|
|
|
-
|
|
|
|
|
-
|
|
|
|
|
-
|
|
|
|
|
-
|
|
|
|
|
-
|
|
|
|
|
spring:
|
|
spring:
|
|
|
# 修改文件上传大小的限制
|
|
# 修改文件上传大小的限制
|
|
|
servlet:
|
|
servlet:
|
|
@@ -38,21 +31,21 @@ spring:
|
|
|
cloud:
|
|
cloud:
|
|
|
gateway:
|
|
gateway:
|
|
|
globalcors:
|
|
globalcors:
|
|
|
- cors-configurations:
|
|
|
|
|
- '[/**]':
|
|
|
|
|
- # 允许向该服务器提交请求的URI
|
|
|
|
|
- allowedOrigins:
|
|
|
|
|
- - 'u.leanwo.com'
|
|
|
|
|
- - 'uat.leanwo.com'
|
|
|
|
|
- # 允许跨域的方法
|
|
|
|
|
- allowedMethods:
|
|
|
|
|
- - GET
|
|
|
|
|
- - POST
|
|
|
|
|
- - DELETE
|
|
|
|
|
- - PUT
|
|
|
|
|
- - HEAD
|
|
|
|
|
- # 预检请求的缓存时间(秒),即在这个时间段里对于相同的跨域请求不会再预检
|
|
|
|
|
- maxAge: 180
|
|
|
|
|
|
|
+ # cors-configurations:
|
|
|
|
|
+ # '[/**]':
|
|
|
|
|
+ # # 允许向该服务器提交请求的URI
|
|
|
|
|
+ # allowedOrigins:
|
|
|
|
|
+ # - 'u.leanwo.com'
|
|
|
|
|
+ # - 'uat.leanwo.com'
|
|
|
|
|
+ # # 允许跨域的方法
|
|
|
|
|
+ # allowedMethods:
|
|
|
|
|
+ # - GET
|
|
|
|
|
+ # - POST
|
|
|
|
|
+ # - DELETE
|
|
|
|
|
+ # - PUT
|
|
|
|
|
+ # - HEAD
|
|
|
|
|
+ # # 预检请求的缓存时间(秒),即在这个时间段里对于相同的跨域请求不会再预检
|
|
|
|
|
+ # maxAge: 180
|
|
|
discovery:
|
|
discovery:
|
|
|
locator:
|
|
locator:
|
|
|
enabled: true
|
|
enabled: true
|
|
@@ -62,56 +55,56 @@ spring:
|
|
|
predicates:
|
|
predicates:
|
|
|
- Path=/api/**,/druid/**,/rest-api/**,/WebSocket/**,/workflow-app/**,/workflow-prodog/**,/workflow-system/**
|
|
- Path=/api/**,/druid/**,/rest-api/**,/WebSocket/**,/workflow-app/**,/workflow-prodog/**,/workflow-system/**
|
|
|
filters:
|
|
filters:
|
|
|
- - SetResponseHeader=Referrer-Policy, origin
|
|
|
|
|
- - SetResponseHeader=Strict-Transport-Security, max-age=631138519; preload
|
|
|
|
|
- - SetResponseHeader=X-Frame-Options, SAMEORIGIN
|
|
|
|
|
- - SetResponseHeader=Content-Security-Policy, object-src https://u.leanwo.com https://uat.leanwo.com
|
|
|
|
|
- - SetResponseHeader=X-XSS-Protection, 1 ; mode=block
|
|
|
|
|
- - SetResponseHeader=Access-Control-Allow-Methods,'GET, POST, PUT, DELETE, HEAD'
|
|
|
|
|
|
|
+ # - SetResponseHeader=Referrer-Policy, origin
|
|
|
|
|
+ # - SetResponseHeader=Strict-Transport-Security, max-age=631138519; preload
|
|
|
|
|
+ # - SetResponseHeader=X-Frame-Options, SAMEORIGIN
|
|
|
|
|
+ # - SetResponseHeader=Content-Security-Policy, object-src https://u.leanwo.com https://uat.leanwo.com
|
|
|
|
|
+ # - SetResponseHeader=X-XSS-Protection, 1 ; mode=block
|
|
|
|
|
+ # - SetResponseHeader=Access-Control-Allow-Methods,'GET, POST, PUT, DELETE, HEAD'
|
|
|
- id: auth_server
|
|
- id: auth_server
|
|
|
uri: lb://auth-server
|
|
uri: lb://auth-server
|
|
|
predicates:
|
|
predicates:
|
|
|
- Path=/authApi/**
|
|
- Path=/authApi/**
|
|
|
filters:
|
|
filters:
|
|
|
- - SetResponseHeader=Referrer-Policy, origin
|
|
|
|
|
- - SetResponseHeader=Strict-Transport-Security, max-age=631138519; preload
|
|
|
|
|
- - SetResponseHeader=X-Frame-Options, SAMEORIGIN
|
|
|
|
|
- - SetResponseHeader=Content-Security-Policy, object-src https://u.leanwo.com https://uat.leanwo.com
|
|
|
|
|
- - SetResponseHeader=X-XSS-Protection, 1 ; mode=block
|
|
|
|
|
- - SetResponseHeader=Access-Control-Allow-Methods,'GET, POST, PUT, DELETE, HEAD'
|
|
|
|
|
|
|
+ # - SetResponseHeader=Referrer-Policy, origin
|
|
|
|
|
+ # - SetResponseHeader=Strict-Transport-Security, max-age=631138519; preload
|
|
|
|
|
+ # - SetResponseHeader=X-Frame-Options, SAMEORIGIN
|
|
|
|
|
+ # - SetResponseHeader=Content-Security-Policy, object-src https://u.leanwo.com https://uat.leanwo.com
|
|
|
|
|
+ # - SetResponseHeader=X-XSS-Protection, 1 ; mode=block
|
|
|
|
|
+ # - SetResponseHeader=Access-Control-Allow-Methods,'GET, POST, PUT, DELETE, HEAD'
|
|
|
- id: dingtalk_server
|
|
- id: dingtalk_server
|
|
|
uri: lb://dingtalk-server
|
|
uri: lb://dingtalk-server
|
|
|
predicates:
|
|
predicates:
|
|
|
- Path=/dingTalkApi/**
|
|
- Path=/dingTalkApi/**
|
|
|
filters:
|
|
filters:
|
|
|
- StripPrefix=1
|
|
- StripPrefix=1
|
|
|
- - SetResponseHeader=Referrer-Policy, origin
|
|
|
|
|
- - SetResponseHeader=Strict-Transport-Security, max-age=631138519; preload
|
|
|
|
|
- - SetResponseHeader=X-Frame-Options, SAMEORIGIN
|
|
|
|
|
- - SetResponseHeader=Content-Security-Policy, object-src https://u.leanwo.com https://uat.leanwo.com
|
|
|
|
|
- - SetResponseHeader=X-XSS-Protection, 1 ; mode=block
|
|
|
|
|
- - SetResponseHeader=Access-Control-Allow-Methods,'GET, POST, PUT, DELETE, HEAD'
|
|
|
|
|
|
|
+ # - SetResponseHeader=Referrer-Policy, origin
|
|
|
|
|
+ # - SetResponseHeader=Strict-Transport-Security, max-age=631138519; preload
|
|
|
|
|
+ # - SetResponseHeader=X-Frame-Options, SAMEORIGIN
|
|
|
|
|
+ # - SetResponseHeader=Content-Security-Policy, object-src https://u.leanwo.com https://uat.leanwo.com
|
|
|
|
|
+ # - SetResponseHeader=X-XSS-Protection, 1 ; mode=block
|
|
|
|
|
+ # - SetResponseHeader=Access-Control-Allow-Methods,'GET, POST, PUT, DELETE, HEAD'
|
|
|
- id: gateway_server
|
|
- id: gateway_server
|
|
|
uri: lb:http://gateway-server
|
|
uri: lb:http://gateway-server
|
|
|
predicates:
|
|
predicates:
|
|
|
- Path=/gateway-api/**
|
|
- Path=/gateway-api/**
|
|
|
filters:
|
|
filters:
|
|
|
- - SetResponseHeader=Referrer-Policy, origin
|
|
|
|
|
- - SetResponseHeader=Strict-Transport-Security, max-age=631138519; preload
|
|
|
|
|
- - SetResponseHeader=X-Frame-Options, SAMEORIGIN
|
|
|
|
|
- - SetResponseHeader=Content-Security-Policy, object-src https://u.leanwo.com https://uat.leanwo.com
|
|
|
|
|
- - SetResponseHeader=X-XSS-Protection, 1 ; mode=block
|
|
|
|
|
- - SetResponseHeader=Access-Control-Allow-Methods,'GET, POST, PUT, DELETE, HEAD'
|
|
|
|
|
|
|
+ # - SetResponseHeader=Referrer-Policy, origin
|
|
|
|
|
+ # - SetResponseHeader=Strict-Transport-Security, max-age=631138519; preload
|
|
|
|
|
+ # - SetResponseHeader=X-Frame-Options, SAMEORIGIN
|
|
|
|
|
+ # - SetResponseHeader=Content-Security-Policy, object-src https://u.leanwo.com https://uat.leanwo.com
|
|
|
|
|
+ # - SetResponseHeader=X-XSS-Protection, 1 ; mode=block
|
|
|
|
|
+ # - SetResponseHeader=Access-Control-Allow-Methods,'GET, POST, PUT, DELETE, HEAD'
|
|
|
# 文件服务器
|
|
# 文件服务器
|
|
|
- id: file_server
|
|
- id: file_server
|
|
|
uri: lb://file-server
|
|
uri: lb://file-server
|
|
|
predicates:
|
|
predicates:
|
|
|
- Path=/**
|
|
- Path=/**
|
|
|
filters:
|
|
filters:
|
|
|
- - SetResponseHeader=Referrer-Policy, origin
|
|
|
|
|
- - SetResponseHeader=Strict-Transport-Security, max-age=631138519; preload
|
|
|
|
|
- - SetResponseHeader=X-Frame-Options, SAMEORIGIN
|
|
|
|
|
- - SetResponseHeader=Content-Security-Policy, object-src https://u.leanwo.com https://uat.leanwo.com
|
|
|
|
|
- - SetResponseHeader=X-XSS-Protection, 1 ; mode=block
|
|
|
|
|
- - SetResponseHeader=Access-Control-Allow-Methods,'GET, POST, PUT, DELETE, HEAD'
|
|
|
|
|
- - SetResponseHeader=Allow,'GET, POST, PUT, DELETE, HEAD'
|
|
|
|
|
|
|
+ # - SetResponseHeader=Referrer-Policy, origin
|
|
|
|
|
+ # - SetResponseHeader=Strict-Transport-Security, max-age=631138519; preload
|
|
|
|
|
+ # - SetResponseHeader=X-Frame-Options, SAMEORIGIN
|
|
|
|
|
+ # - SetResponseHeader=Content-Security-Policy, object-src https://u.leanwo.com https://uat.leanwo.com
|
|
|
|
|
+ # - SetResponseHeader=X-XSS-Protection, 1 ; mode=block
|
|
|
|
|
+ # - SetResponseHeader=Access-Control-Allow-Methods,'GET, POST, PUT, DELETE, HEAD'
|
|
|
|
|
+ # - SetResponseHeader=Allow,'GET, POST, PUT, DELETE, HEAD'
|
