优化系统

hoteas 2021-12-17 14:37:41 +08:00
parent 8380b097b2
commit 1465ba36d3
4 changed files with 36 additions and 16 deletions


@ -309,13 +309,13 @@ func (that *Application) handler(w http.ResponseWriter, req *http.Request) {
//session也没有则判断是否创建cookie
} else {
//没有跨域设置
if that.Config.GetString("crossDomain") == "" {
http.SetCookie(w, &http.Cookie{Name: that.Config.GetString("sessionName"), Value: sessionId, Path: "/"})
} else {
//跨域允许需要设置cookie的允许跨域https才有效果
w.Header().Set("Set-Cookie", that.Config.GetString("sessionName")+"="+sessionId+"; Path=/; SameSite=None; Secure")
}
//跨域不再通过cookie校验
//if that.Config.GetString("crossDomain") == "" {
http.SetCookie(w, &http.Cookie{Name: that.Config.GetString("sessionName"), Value: sessionId, Path: "/"})
//} else {
// //跨域允许需要设置cookie的允许跨域https才有效果
// w.Header().Set("Set-Cookie", that.Config.GetString("sessionName")+"="+sessionId+"; Path=/; SameSite=None; Secure")
//}
}
unescapeUrl, err := url.QueryUnescape(req.RequestURI)
@ -433,27 +433,42 @@ func (that *Application) crossDomain(context *Context) {
}
header := context.Resp.Header()
//header.Set("Access-Control-Allow-Origin", "*")
header.Set("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE")
header.Set("Access-Control-Allow-Credentials", "true")
header.Set("Access-Control-Expose-Headers", "*")
header.Set("Access-Control-Allow-Headers", "X-Requested-With,Content-Type,Access-Token")
//不跨域,则不设置
remoteHost := context.Req.Host
if context.Config.GetString("port") != "80" && context.Config.GetString("port") != "443" {
remoteHost = remoteHost + ":" + context.Config.GetString("port")
}
if context.Config.GetString("crossDomain") != "auto" {
//不跨域,则不设置
if strings.Contains(context.Config.GetString("crossDomain"), remoteHost) {
return
}
header.Set("Access-Control-Allow-Origin", that.Config.GetString("crossDomain"))
// 后端设置2592000单位秒这里是30天
header.Set("Access-Control-Max-Age", "2592000")
//header.Set("Access-Control-Allow-Origin", "*")
header.Set("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE")
header.Set("Access-Control-Allow-Credentials", "true")
header.Set("Access-Control-Expose-Headers", "*")
header.Set("Access-Control-Allow-Headers", "X-Requested-With,Content-Type,Access-Token")
return
}
origin := context.Req.Header.Get("Origin")
refer := context.Req.Header.Get("Referer")
if strings.Contains(origin, remoteHost) || strings.Contains(refer, remoteHost) {
return
}
if origin != "" {
header.Set("Access-Control-Allow-Origin", origin)
return
}
refer := context.Req.Header.Get("Referer")
if refer != "" {
tempInt := 0
lastInt := strings.IndexFunc(refer, func(r rune) bool {
@ -469,6 +484,11 @@ func (that *Application) crossDomain(context *Context) {
}
refer = Substr(refer, 0, lastInt)
header.Set("Access-Control-Allow-Origin", refer)
//header.Set("Access-Control-Allow-Origin", "*")
header.Set("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE")
header.Set("Access-Control-Allow-Credentials", "true")
header.Set("Access-Control-Expose-Headers", "*")
header.Set("Access-Control-Allow-Headers", "X-Requested-With,Content-Type,Access-Token")
}
}
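Review bot: In the `auto` branch of crossDomain the response echoes whatever the request supplies, `header.Set("Access-Control-Allow-Origin", origin)` or the prefix cut from `Referer`, and the Referer path now also sends `Access-Control-Allow-Credentials: true`, so no origin is ever refused. The `strings.Contains(origin, remoteHost)` test only skips the headers for same-host requests; it is a substring match, not an allowlist. If the credentials header set near the top of the function is still on the new side (the +/- markers are lost on this page, so this is inferred), the Origin path is credentialed as well. I would compare the parsed origin against a configured list of exact origins before echoing it, return without CORS headers otherwise, and add `header.Add("Vary", "Origin")` so caches do not serve one origin's response to another. crossDomain begins above the first visible hunk line.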


@ -24,7 +24,7 @@
"db": {
"mysql": {
"host": "192.168.6.253",
"name": "myhs",
"name": "myhs_remote",
"password": "dasda8454456",
"port": "3306",
"prefix": "",
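Review bot: The MySQL `password` and the internal `host` address sit in plaintext in this tracked config file, right next to the changed `name` key, so they are part of repository history for every clone. I would read the password from an environment variable or an untracked local config and commit only a template carrying a placeholder such as `"password": "<set-locally>"`. Since the current value has already been committed, it should also be rotated on the database side.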

Binary file not shown.


@ -1,3 +1,3 @@
<!DOCTYPE html><html lang=""><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><link rel="icon" href="favicon.ico"><title>hotime</title><style>body{
<!DOCTYPE html><html lang=""><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><link rel="icon" href="favicon.ico"><title></title><style>body{
margin: 0px;
}</style><link href="css/chunk-1afce11c.7ec257c2.css" rel="prefetch"><link href="css/chunk-1dd2a8d0.e4ca99de.css" rel="prefetch"><link href="css/chunk-2f62f180.5c448e68.css" rel="prefetch"><link href="css/chunk-a74869b6.c460e209.css" rel="prefetch"><link href="css/chunk-b504df5c.61d7456c.css" rel="prefetch"><link href="css/chunk-d1a9ebe6.5cc24c46.css" rel="prefetch"><link href="js/chunk-1afce11c.fbe5a1b4.js" rel="prefetch"><link href="js/chunk-1dd2a8d0.c3cd4fb6.js" rel="prefetch"><link href="js/chunk-2c065dd6.99c035f4.js" rel="prefetch"><link href="js/chunk-2f62f180.820cf5fd.js" rel="prefetch"><link href="js/chunk-58db4e7f.c298e695.js" rel="prefetch"><link href="js/chunk-6581ae4b.953630b3.js" rel="prefetch"><link href="js/chunk-78ba61e2.520b239c.js" rel="prefetch"><link href="js/chunk-a74869b6.59e9b13d.js" rel="prefetch"><link href="js/chunk-b504df5c.0add8dfa.js" rel="prefetch"><link href="js/chunk-d1a9ebe6.fba0f501.js" rel="prefetch"><link href="css/app.5e2eb449.css" rel="preload" as="style"><link href="js/app.3ff414bb.js" rel="preload" as="script"><link href="css/app.5e2eb449.css" rel="stylesheet"></head><body><noscript><strong>We're sorry but hotime doesn't work properly without JavaScript enabled. Please enable it to continue.</strong></noscript><div id="app"></div><script src="js/app.3ff414bb.js"></script></body></html>
}</style><link href="css/chunk-1afce11c.7ec257c2.css" rel="prefetch"><link href="css/chunk-1dd2a8d0.e4ca99de.css" rel="prefetch"><link href="css/chunk-2f62f180.5c448e68.css" rel="prefetch"><link href="css/chunk-7f3803f8.c66635b1.css" rel="prefetch"><link href="css/chunk-a74869b6.c460e209.css" rel="prefetch"><link href="css/chunk-d1a9ebe6.5cc24c46.css" rel="prefetch"><link href="js/chunk-1afce11c.fbe5a1b4.js" rel="prefetch"><link href="js/chunk-1dd2a8d0.c3cd4fb6.js" rel="prefetch"><link href="js/chunk-2c065dd6.99c035f4.js" rel="prefetch"><link href="js/chunk-2f62f180.820cf5fd.js" rel="prefetch"><link href="js/chunk-58db4e7f.c298e695.js" rel="prefetch"><link href="js/chunk-6581ae4b.953630b3.js" rel="prefetch"><link href="js/chunk-78ba61e2.520b239c.js" rel="prefetch"><link href="js/chunk-7f3803f8.05e76ac8.js" rel="prefetch"><link href="js/chunk-a74869b6.59e9b13d.js" rel="prefetch"><link href="js/chunk-d1a9ebe6.fba0f501.js" rel="prefetch"><link href="css/app.5e2eb449.css" rel="preload" as="style"><link href="js/app.9730fd19.js" rel="preload" as="script"><link href="css/app.5e2eb449.css" rel="stylesheet"></head><body><noscript><strong>We're sorry but hotime doesn't work properly without JavaScript enabled. Please enable it to continue.</strong></noscript><div id="app"></div><script src="js/app.9730fd19.js"></script></body></html>