修改跨域的配置，增加二级域名的配置。

src/main/java/com/leanwo/gateway/GlobalAccountFilter.java

@@ -9,6 +9,7 @@ import org.springframework.cloud.gateway.filter.GatewayFilterChain;
 import org.springframework.cloud.gateway.filter.GlobalFilter;
 import org.springframework.core.Ordered;
 import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.http.server.reactive.ServerHttpResponse;
 import org.springframework.stereotype.Component;
 import org.springframework.web.server.ServerWebExchange;
 
@@ -63,6 +64,11 @@ public class GlobalAccountFilter implements GlobalFilter, Ordered{
         Long accountId = accountManagementService.getAccountIdByDomainName(domainName);
         logger.debug("获取的AccountId:" + accountId);
     	
+
+        ServerHttpResponse response = exchange.getResponse();
+        
+        
+        
     	request.mutate().header("account", accountId.toString())
 //    		.header("Strict-Transport-Security", "max-age=631138519")
 //    		.header("Content-Security-Policy", "img-src 'self'")

src/main/java/com/leanwo/gateway/config/MyCorsConfiguration.java

@@ -0,0 +1,18 @@
+package com.leanwo.gateway.config;
+
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.cloud.gateway.handler.RoutePredicateHandlerMapping;
+import org.springframework.stereotype.Component;
+
+@Component
+public class MyCorsConfiguration implements InitializingBean {
+ 
+    @Autowired
+    private RoutePredicateHandlerMapping routePredicateHandlerMapping;
+ 
+    @Override
+    public void afterPropertiesSet() throws Exception {
+        routePredicateHandlerMapping.setCorsProcessor(new MyCorsProcessor());
+    }
+}

src/main/java/com/leanwo/gateway/config/MyCorsProcessor.java

@@ -0,0 +1,36 @@
+package com.leanwo.gateway.config;
+
+import java.util.List;
+
+import org.springframework.lang.Nullable;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.reactive.DefaultCorsProcessor;
+
+public class MyCorsProcessor extends DefaultCorsProcessor{
+	/**
+     * Check the origin and determine the origin for the response. The default
+     * implementation simply delegates to
+     * {@link CorsConfiguration#checkOrigin(String)}.
+     *
+     * @param config
+     * @param requestOrigin
+     */
+    @Override
+    protected String checkOrigin(CorsConfiguration config, @Nullable String requestOrigin) {
+        String allowedOrigin = super.checkOrigin(config, requestOrigin);
+        List<String> allowedOrigins = config.getAllowedOrigins();
+        if (null == allowedOrigin && allowedOrigins != null && allowedOrigins.size() > 0) {
+            for (String origin : allowedOrigins) {
+                origin = origin.trim();
+                if (origin.contains(CorsConfiguration.ALL) && origin.length() > 1) {
+                    String matchDomain = origin.substring(origin.indexOf(CorsConfiguration.ALL) + 1);
+                    if (requestOrigin.endsWith(matchDomain)) {
+                        allowedOrigin = requestOrigin;
+                    }
+                }
+            }
+        }
+        return allowedOrigin;
+    }
+
+}

src/main/resources/Application.yml

@@ -26,6 +26,20 @@ spring:
       
   cloud:
     gateway:
+      globalcors:
+        cors-configurations:
+          '[/**]':
+            # 允许向该服务器提交请求的URI
+            allowedOrigins:
+              - *
+              - *.leanwo.com
+            # 允许跨域的方法
+            allowedMethods:
+              - GET
+              - POST
+              - DELETE
+            # 预检请求的缓存时间（秒），即在这个时间段里对于相同的跨域请求不会再预检
+            maxAge: 180
       discovery:
         locator:
           enabled: true