|
|
@@ -1,6 +1,7 @@
|
|
|
package com.leanwo.gateway;
|
|
|
|
|
|
import java.net.URI;
|
|
|
+import java.util.List;
|
|
|
|
|
|
import org.slf4j.Logger;
|
|
|
import org.slf4j.LoggerFactory;
|
|
|
@@ -8,9 +9,12 @@ import org.springframework.beans.factory.annotation.Autowired;
|
|
|
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
|
|
|
import org.springframework.cloud.gateway.filter.GlobalFilter;
|
|
|
import org.springframework.core.Ordered;
|
|
|
+import org.springframework.http.HttpCookie;
|
|
|
+import org.springframework.http.ResponseCookie;
|
|
|
import org.springframework.http.server.reactive.ServerHttpRequest;
|
|
|
import org.springframework.http.server.reactive.ServerHttpResponse;
|
|
|
import org.springframework.stereotype.Component;
|
|
|
+import org.springframework.util.MultiValueMap;
|
|
|
import org.springframework.web.server.ServerWebExchange;
|
|
|
|
|
|
import com.leanwo.gateway.service.AccountManagementService;
|
|
|
@@ -50,6 +54,7 @@ public class GlobalAccountFilter implements GlobalFilter, Ordered{
|
|
|
*/
|
|
|
//获取请求参数
|
|
|
ServerHttpRequest request = exchange.getRequest();
|
|
|
+ ServerHttpResponse response = exchange.getResponse();
|
|
|
//原始uri
|
|
|
URI originUri = request.getURI();
|
|
|
|
|
|
@@ -70,15 +75,23 @@ public class GlobalAccountFilter implements GlobalFilter, Ordered{
|
|
|
|
|
|
|
|
|
request.mutate().header("account", accountId.toString())
|
|
|
-// .header("Strict-Transport-Security", "max-age=631138519")
|
|
|
-// .header("Content-Security-Policy", "img-src 'self'")
|
|
|
-// .header("X-Frame-Options", "DENY")
|
|
|
-// .header("Expect-CT", "enforce, max-age=7776000, report-uri=\"https://u.leanwo.com/report\"")
|
|
|
-// .header("X-XSS-Protection", "1; mode=block")
|
|
|
-// .header("Referrer-Policy", "no-referrer | same-origin | origin | strict-origin | no-origin-when-downgrading")
|
|
|
-
|
|
|
+ .header("Strict-Transport-Security", "max-age=631138519")
|
|
|
+ .header("Content-Security-Policy", "img-src 'self'")
|
|
|
+ .header("X-Frame-Options", "DENY")
|
|
|
+ .header("Expect-CT", "enforce, max-age=7776000, report-uri=\"https://u.leanwo.com/report\"")
|
|
|
+ .header("X-XSS-Protection", "1; mode=block")
|
|
|
+ .header("Referrer-Policy", "no-referrer | same-origin | origin | strict-origin | no-origin-when-downgrading")
|
|
|
.build();
|
|
|
-
|
|
|
+// MultiValueMap<String, HttpCookie> cookies = request.getCookies();
|
|
|
+// if(cookies != null) {
|
|
|
+// for (MultiValueMap.Entry<String, List<HttpCookie>> value : cookies.entrySet()) {
|
|
|
+// String key = value.getKey();
|
|
|
+// List<HttpCookie> cookies1 = value.getValue();
|
|
|
+// String va = cookies1.get(0).getValue();
|
|
|
+// response.addCookie(ResponseCookie.from(key, va).path("/").sameSite("None").secure(true).build());
|
|
|
+// }
|
|
|
+// }
|
|
|
+
|
|
|
//代表放行请求
|
|
|
return chain.filter(exchange);
|
|
|
}
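Review bot: The six headers enabled in this hunk (`Strict-Transport-Security` through `Referrer-Policy`) are chained onto `request.mutate()`, so at best they reach the upstream service as request headers and never reach the browser, which is the only party that enforces them. They belong on the response, for example `response.getHeaders().set("X-Frame-Options", "DENY");`, using the `response` local that this commit adds in the earlier hunk. The `Referrer-Policy` value is a `|`-separated list of alternatives, which is not a valid policy, so a single token such as `strict-origin-when-cross-origin` should be chosen. The commented-out cookie loop would, if enabled, re-issue every incoming cookie with `SameSite=None` and without `HttpOnly`, so it is better deleted than kept, together with the imports added only for it. The enclosing filter method starts outside this hunk, so how the mutated request is used cannot be confirmed from here.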
|