
尝试解决跨域问题

wangjiang988 %!s(int64=2) %!d(string=hai) anos
pai
achega
7e2f2c1e40

+ 8 - 0
README.md

@@ -15,3 +15,11 @@ ALTER TABLE y_contract_electric ADD start_electric_flat_count DOUBLE(10,2);
 
 http://localhost:8080/myboot/swagger-ui.html
 
+### 2023年06月11日20:04:22
+
+csrf解决
+
+https://blog.csdn.net/a987212198/article/details/122937119
+
+
+

+ 7 - 0
src/main/java/platform/config/WebMvcConfig.java

@@ -24,10 +24,12 @@
 
 package platform.config;
 
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
+import platform.config.crsf.RefererInterceptor;
 
 /**
  * @author lhf
@@ -35,6 +37,9 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
 @Configuration
 public class WebMvcConfig extends WebMvcConfigurerAdapter {
 
+    @Autowired
+    private RefererInterceptor refererInterceptor;
+
     /**
      * 添加静态资源
      * @param registry
@@ -46,6 +51,8 @@ public class WebMvcConfig extends WebMvcConfigurerAdapter {
 
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(refererInterceptor).addPathPatterns("/**");
+        super.addInterceptors(registry);
         /**
          * - /**: 匹配所有路径
          * - /admin/**:匹配 /admin/ 下的所有路径
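Review bot: In `addInterceptors`, `addPathPatterns("/**")` puts the Referer check in front of every request the dispatcher handles, so with RefererInterceptor as written in this commit any request arriving with a Referer from a host outside the whitelist is answered with 404, which likely includes plain page loads and static resources reached through a link on another site. If the aim is CSRF protection, limit the registration to the endpoints that change state, or exclude the static paths, e.g. `registry.addInterceptor(refererInterceptor).addPathPatterns("/**").excludePathPatterns(/* static resource patterns */);`. The added `super.addInterceptors(registry);` has no effect because the `WebMvcConfigurerAdapter` implementation is empty, and it can be dropped. The method body continues past the end of the hunk, so how this registration orders against the interceptors added below is not visible here.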

+ 54 - 0
src/main/java/platform/config/crsf/RefererInterceptor.java

@@ -0,0 +1,54 @@
+package platform.config.crsf;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.net.MalformedURLException;
+
+@Component
+@Slf4j
+public class RefererInterceptor extends HandlerInterceptorAdapter {
+    @Autowired
+    private RefererProperties refererProperties;
+    @Override
+    public boolean preHandle(HttpServletRequest req, HttpServletResponse resp, Object handler) throws Exception {
+        //是否开启referer拦截器
+        if(!refererProperties.getEnabled()){
+            return true;
+        }
+        String referer = req.getHeader("referer");
+        String host = req.getServerName();
+        // 若无referer,放行
+        if (referer == null) {
+            return true;
+        }
+        java.net.URL url = null;
+        try {
+            url = new java.net.URL(referer);
+        } catch (MalformedURLException e) {
+            // URL解析异常,也置为404
+            resp.setStatus(HttpServletResponse.SC_NOT_FOUND);
+            return false;
+        }
+        String refererUrl = url.getHost();
+        // 首先判断请求域名和referer域名是否相同
+        if (!host.equals(refererUrl)) {
+            // 若是不等,判断是否在白名单中
+            log.info("RefererInterceptorConfig-->\nrefererUrl:{}\nhost:{}\nrefererProperties:{}", refererUrl, host, refererProperties);
+            if (refererProperties.getRefererDomain() != null) {
+                for (String s : refererProperties.getRefererDomain()) {
+                    if (s.equals(refererUrl)) {
+                        return true;
+                    }
+                }
+            }
+            resp.setStatus(HttpServletResponse.SC_NOT_FOUND);
+            return false;
+        }
+        return true;
+    }
+}
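Review bot: `preHandle` returns `true` when the `referer` header is absent (`if (referer == null) { return true; }`), and a browser can be made to omit that header on a cross-site request, so the interceptor does not stop request forgery against state-changing endpoints. For non-safe methods, reject a request that carries no matching `Referer` (or `Origin`), and treat this check as a second layer next to a CSRF token rather than a replacement for one. `req.getServerName()` is normally derived from the request's `Host` header unless the container or proxy pins it, so the same-host comparison is better made against a configured host list, and `equalsIgnoreCase` avoids rejecting a host that differs only in letter case. The fence sketches the missing-header branch; it assumes GET/HEAD/OPTIONS handlers have no side effects, which needs confirming for this application.

```java
        String referer = req.getHeader("referer");
        // … unchanged: host lookup …
        if (referer == null) {
            // Only side-effect-free methods may pass without a Referer.
            String method = req.getMethod();
            boolean safeMethod = "GET".equals(method) || "HEAD".equals(method) || "OPTIONS".equals(method);
            if (safeMethod) {
                return true;
            }
            resp.setStatus(HttpServletResponse.SC_NOT_FOUND);
            return false;
        }
        // … unchanged: URL parsing and whitelist comparison …
```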

+ 16 - 0
src/main/java/platform/config/crsf/RefererProperties.java

@@ -0,0 +1,16 @@
+package platform.config.crsf;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+import java.util.List;
+
+@Component
+@ConfigurationProperties(prefix = "referer")
+@Data
+public class RefererProperties {
+    private Boolean enabled = false;
+    // 白名单域名
+    private List<String> refererDomain;
+}
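Review bot: `refererDomain` is documented only as `// 白名单域名`, while RefererInterceptor compares each entry to `URL.getHost()` with `String.equals`, so an entry written with a scheme, a port or upper-case letters silently never matches. State that on the field, e.g. `// Whitelisted Referer hosts: bare host name only (no scheme, port or path), compared exactly and case-sensitively`. `enabled` is a boxed `Boolean` that the interceptor unboxes in `!refererProperties.getEnabled()`; if binding ever leaves it null that line throws, so `Boolean.TRUE.equals(refererProperties.getEnabled())` at the call site is the safer read. The default of `false` also means any profile without a `referer` block runs with the check switched off.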

+ 14 - 1
src/main/resources/application-aliyun.yml

@@ -207,4 +207,17 @@ maxRequestSize: 5120MB
 company-master-phone: 18625008937
 #endpoints:
 #    health:
-#      sensitive: false
+#      sensitive: false
+
+referer:
+  # 是否开启referer拦截
+  enabled: true
+  # 拦截referer白名单
+  refererDomain:
+    - escloud.snd.gov.cn
+    - www.sme.com.cn
+    - www.miit.gov.cn
+    - www.jseic.gov.cn
+    - credit.snd.gov.cn
+    - www.szetc.gov.cn
+    - www.snd.gov.cn
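Review bot: The `refererDomain` list trusts seven external hosts, and RefererInterceptor accepts any request whose Referer host equals one of them, so every page served from those sites is allowed to send cross-site requests to this application. Keep the list to the origins that really need to call in and record per entry why it is there, e.g. `# portal that links to the login page` (constructed example). The identical block is repeated in application-prodin.yml, application-prodout.yml and application-test.yml, so the same point applies there; the test profile additionally repeats the `# 拦截referer白名单` comment line.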

+ 14 - 1
src/main/resources/application-prodin.yml

@@ -209,4 +209,17 @@ company-master-phone: 18362602202
 #company-master-phone: 18625008937
 #endpoints:
 #    health:
-#      sensitive: false
+#      sensitive: false
+
+referer:
+  # 是否开启referer拦截
+  enabled: true
+  # 拦截referer白名单
+  refererDomain:
+    - escloud.snd.gov.cn
+    - www.sme.com.cn
+    - www.miit.gov.cn
+    - www.jseic.gov.cn
+    - credit.snd.gov.cn
+    - www.szetc.gov.cn
+    - www.snd.gov.cn

+ 14 - 1
src/main/resources/application-prodout.yml

@@ -212,4 +212,17 @@ company-master-phone: 18362602202
 #company-master-phone: 18625008937
 #endpoints:
 #    health:
-#      sensitive: false
+#      sensitive: false
+
+referer:
+  # 是否开启referer拦截
+  enabled: true
+  # 拦截referer白名单
+  refererDomain:
+    - escloud.snd.gov.cn
+    - www.sme.com.cn
+    - www.miit.gov.cn
+    - www.jseic.gov.cn
+    - credit.snd.gov.cn
+    - www.szetc.gov.cn
+    - www.snd.gov.cn

+ 15 - 1
src/main/resources/application-test.yml

@@ -204,4 +204,18 @@ company-master-phone: 18362602202
 #company-master-phone: 18625008937
 #endpoints:
 #    health:
-#      sensitive: false
+#      sensitive: false
+
+referer:
+  # 是否开启referer拦截
+  enabled: true
+  # 拦截referer白名单
+  # 拦截referer白名单
+  refererDomain:
+    - escloud.snd.gov.cn
+    - www.sme.com.cn
+    - www.miit.gov.cn
+    - www.jseic.gov.cn
+    - credit.snd.gov.cn
+    - www.szetc.gov.cn
+    - www.snd.gov.cn