diff --git a/dsGw/src/main/java/com/dsideal/gw/Config/GatewayConfig.java b/dsGw/src/main/java/com/dsideal/gw/Config/GatewayConfig.java index 4021c658..26b7bbef 100644 --- a/dsGw/src/main/java/com/dsideal/gw/Config/GatewayConfig.java +++ b/dsGw/src/main/java/com/dsideal/gw/Config/GatewayConfig.java @@ -1,10 +1,10 @@ package com.dsideal.gw.Config; +import com.dsideal.gw.GwApplication; import com.jfinal.kit.Prop; -import com.jfinal.kit.PropKit; public class GatewayConfig { - private static final Prop prop = PropKit.use("gateway-config.txt"); + private static final Prop prop = GwApplication.PropKit; // 超时配置 public static final int CONNECT_TIMEOUT = prop.getInt("gateway.timeout.connect", 10000); @@ -17,5 +17,7 @@ public class GatewayConfig { // 安全配置 public static final String[] ALLOWED_ORIGINS = prop.get("gateway.security.cors.allowed-origins", "*").split(","); - public static final String[] ALLOWED_METHODS = prop.get("gateway.security.cors.allowed-methods", "GET,POST").split(","); -} \ No newline at end of file + public static final String[] ALLOWED_METHODS = prop.get("gateway.security.cors.allowed-methods", "GET,POST,OPTIONS").split(","); + public static final String[] ALLOWED_HEADERS = prop.get("gateway.security.cors.allowed-headers", "Content-Type,Authorization,Cookie").split(","); + public static final boolean ALLOW_CREDENTIALS = prop.getBoolean("gateway.security.cors.allow-credentials", true); + public static final int MAX_AGE = prop.getInt("gateway.security.cors.max-age", 3600);} \ No newline at end of file diff --git a/dsGw/src/main/java/com/dsideal/gw/Handler/RouterHandler.java b/dsGw/src/main/java/com/dsideal/gw/Handler/RouterHandler.java index 35c12241..1624eae8 100644 --- a/dsGw/src/main/java/com/dsideal/gw/Handler/RouterHandler.java +++ b/dsGw/src/main/java/com/dsideal/gw/Handler/RouterHandler.java @@ -53,6 +53,12 @@ public class RouterHandler extends Handler { @Override public void handle(String target, HttpServletRequest req, HttpServletResponse res, boolean[] isHandled) { try { + // 处理OPTIONS请求 + if (req.getMethod().equals("OPTIONS")) { + handleOptionsRequest(res, isHandled); + return; + } + String servletPath = req.getServletPath(); String queryString = req.getQueryString(); @@ -103,6 +109,36 @@ public class RouterHandler extends Handler { } } + // 处理OPTIONS请求 + private void handleOptionsRequest(HttpServletResponse res, boolean[] isHandled) { + addCorsHeaders(res); + res.setStatus(HttpServletResponse.SC_OK); + isHandled[0] = true; + } + + // 添加CORS头信息 + private void addCorsHeaders(HttpServletResponse res) { + // 设置允许的源 + for (String origin : GatewayConfig.ALLOWED_ORIGINS) { + if ("*".equals(origin)) { + res.setHeader("Access-Control-Allow-Origin", "*"); + break; + } + } + + // 设置允许的方法 + res.setHeader("Access-Control-Allow-Methods", String.join(",", GatewayConfig.ALLOWED_METHODS)); + + // 设置允许的头信息 + res.setHeader("Access-Control-Allow-Headers", String.join(",", GatewayConfig.ALLOWED_HEADERS)); + + // 设置是否允许发送Cookie + res.setHeader("Access-Control-Allow-Credentials", String.valueOf(GatewayConfig.ALLOW_CREDENTIALS)); + + // 设置预检请求的缓存时间 + res.setHeader("Access-Control-Max-Age", String.valueOf(GatewayConfig.MAX_AGE)); + } + // 处理GET请求 private void handleGetRequest(HttpServletRequest req, HttpServletResponse res, boolean[] isHandled, String forwardUrl, String queryString) { @@ -269,7 +305,9 @@ public class RouterHandler extends Handler { // 渲染JSON响应 private void renderJson(HttpServletResponse res, String body) { - res.setHeader("Access-Control-Allow-Origin", "*"); + // 添加CORS头信息 + addCorsHeaders(res); + res.setHeader("Cache-Control", "no-cache"); res.setCharacterEncoding("UTF-8"); res.setContentType(Constants.CONTENT_TYPE_JSON); diff --git a/dsGw/src/main/resources/application_dev.yaml b/dsGw/src/main/resources/application_dev.yaml index 8a2499d0..1ad82385 100644 --- a/dsGw/src/main/resources/application_dev.yaml +++ b/dsGw/src/main/resources/application_dev.yaml @@ -19,6 +19,27 @@ redis: ip: 10.10.14.14 port: 18890 +# 网关配置 +gateway: + # 超时配置(毫秒) + timeout: + connect: 10000 + read: 30000 + write: 30000 + + # 连接池配置 + connection: + max: 5 + keep-alive: 300 + + # 安全配置 + security: + cors: + allowed-origins: "*" # 或者具体的域名列表,如 "http://localhost:8080,https://your-domain.com" + allowed-methods: "GET,POST,OPTIONS" + allowed-headers: "Content-Type,Authorization,Cookie" + allow-credentials: true + max-age: 3600 # 白名单 whitelist: # 全局变量获取 diff --git a/dsGw/src/main/resources/application_pro.yaml b/dsGw/src/main/resources/application_pro.yaml index d942f392..2e11a770 100644 --- a/dsGw/src/main/resources/application_pro.yaml +++ b/dsGw/src/main/resources/application_pro.yaml @@ -17,6 +17,27 @@ redis: ip: 10.10.14.14 port: 18890 +# 网关配置 +gateway: + # 超时配置(毫秒) + timeout: + connect: 10000 + read: 30000 + write: 30000 + + # 连接池配置 + connection: + max: 5 + keep-alive: 300 + + # 安全配置 + security: + cors: + allowed-origins: "*" # 或者具体的域名列表,如 "http://localhost:8080,https://your-domain.com" + allowed-methods: "GET,POST,OPTIONS" + allowed-headers: "Content-Type,Authorization,Cookie" + allow-credentials: true + max-age: 3600 # 白名单 whitelist: # 全局变量获取 diff --git a/dsGw/src/main/resources/gateway-config.txt b/dsGw/src/main/resources/gateway-config.txt deleted file mode 100644 index 036fbd93..00000000 --- a/dsGw/src/main/resources/gateway-config.txt +++ /dev/null @@ -1,12 +0,0 @@ -# 超时配置 -gateway.timeout.connect=10000 -gateway.timeout.read=30000 -gateway.timeout.write=30000 - -# 连接池配置 -gateway.connection.max=5 -gateway.connection.keep-alive=300 - -# 安全配置 -gateway.security.cors.allowed-origins=* -gateway.security.cors.allowed-methods=GET,POST \ No newline at end of file