@@ -64,12 +64,12 @@ public class GlobalAccountFilter implements GlobalFilter, Ordered{
|
|
|
logger.debug("获取的AccountId:" + accountId);
|
|
|
|
|
|
request.mutate().header("account", accountId.toString())
|
|
|
- .header("Strict-Transport-Security", "max-age=631138519")
|
|
|
- .header("Content-Security-Policy", "img-src 'self'")
|
|
|
- .header("X-Frame-Options", "DENY")
|
|
|
- .header("Expect-CT", "enforce, max-age=7776000, report-uri=\"https://u.leanwo.com/report\"")
|
|
|
- .header("X-XSS-Protection", "1; mode=block")
|
|
|
- .header("Referrer-Policy", "no-referrer | same-origin | origin | strict-origin | no-origin-when-downgrading")
|
|
|
+// .header("Strict-Transport-Security", "max-age=631138519")
|
|
|
+// .header("Content-Security-Policy", "img-src 'self'")
|
|
|
+// .header("X-Frame-Options", "DENY")
|
|
|
+// .header("Expect-CT", "enforce, max-age=7776000, report-uri=\"https://u.leanwo.com/report\"")
|
|
|
+// .header("X-XSS-Protection", "1; mode=block")
|
|
|
+// .header("Referrer-Policy", "no-referrer | same-origin | origin | strict-origin | no-origin-when-downgrading")
|
|
|
|
|
|
.build();
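Review bot: The six `// .header(...)` lines left inside the `request.mutate()` chain are dead code and should be deleted rather than commented out, so that the builder reads `request.mutate().header("account", accountId.toString()).build();`. They were browser-facing response headers set on the forwarded request, where they never reached the client; if the gateway is still meant to send them, they belong on the exchange's response headers, for example `getResponse().getHeaders().set("X-Frame-Options", "DENY")`, which this hunk does not show. If they are re-added, `Referrer-Policy` must carry a single policy token such as `strict-origin`, not the pipe-separated list in the old value. The enclosing method starts and ends outside the hunk, so whether the response is hardened elsewhere cannot be confirmed from here.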
|
|
|
|