test6

src/main/java/cn/efunbox/audio/aop/AllowOriginIntercepter.java

@@ -0,0 +1,68 @@
+package cn.efunbox.audio.aop;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
+import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * Created by libin on 2015/5/13.
+ */
+@Component
+public class  AllowOriginIntercepter implements HandlerInterceptor {
+    private static final Logger logger = LoggerFactory.getLogger(AllowOriginIntercepter.class);
+    private String allowValue = "precms.api.ai160.com,precms.ai160.com,cms.api.ai160.com,cms.ai160.com,efunbox.cn,cms.api.efunbox.cn,*";
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+
+        String origin = request.getHeader("Origin");
+        //logger.info("进入AllowOriginIntercepter 拦截 origin={}",origin);
+        String headers = request.getHeader("Access-Control-Request-Headers");
+        if (!StringUtils.isEmpty(headers)) {
+            headers = ", " + headers;
+        } else {
+            headers = "";
+        }
+        if (!StringUtils.isEmpty(origin)) {
+            if (originIsAllow(origin, allowValue)) {
+                response.setHeader("Access-Control-Allow-Origin", origin);
+                response.setHeader("Access-Control-Allow-Methods", "GET, POST, HEAD, OPTIONS, PUT, DELETE, TRACE, PATCH");
+                response.setHeader("Access-Control-Allow-Headers", "Origin, X-Token, Authentication, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Cache-control "+headers);
+                response.setHeader("Access-Control-Allow-Credentials", "true");
+            }
+        }
+        return true;
+    }
+
+    @Override
+    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
+
+    }
+
+    @Override
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
+
+    }
+
+    private boolean originIsAllow(String origin, String value) {
+        if (StringUtils.isEmpty(value)) {
+            return false;
+        }
+        if (value.contains("*")) {
+            return true;
+        }
+        String[] values = value.split(",");
+        for (String s : values) {
+            if (origin.indexOf(s) > -1) {
+                return true;
+            }
+        }
+        return false;
+    }
+}

src/main/java/cn/efunbox/audio/aop/IgnoreOptionsInterceptor.java

@@ -0,0 +1,51 @@
+package cn.efunbox.audio.aop;
+
+import cn.efunbox.audio.utils.HttpUtil;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.core.NamedThreadLocal;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * Created by libin on 2015/5/13.
+ */
+@Component
+public class IgnoreOptionsInterceptor implements HandlerInterceptor {
+
+    private static final Logger logger = LoggerFactory.getLogger(IgnoreOptionsInterceptor.class);
+
+    private NamedThreadLocal<Long> startTimeThreadLocal = new NamedThreadLocal<Long>("StopWatch-StartTime");
+
+    // 忽略options请求，默认为true
+    private boolean ignoreOptions = true;
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        startTimeThreadLocal.set(System.currentTimeMillis());//线程绑定变量（该数据只有当前请求的线程可见）
+        if (ignoreOptions && HttpMethod.OPTIONS.matches(request.getMethod())) {
+            logger.info("OPTIONS 请求 忽略 返回200");
+            response.setStatus(HttpStatus.OK.value());
+            HttpUtil.responseOk(request, response);
+            return false;
+        }
+        return true;
+    }
+
+    @Override
+    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
+
+    }
+
+    @Override
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
+    }
+
+
+   }

src/main/java/cn/efunbox/audio/config/Config.java

@@ -1,7 +1,9 @@
 package cn.efunbox.audio.config;
 
 import cn.efunbox.audio.aop.AdminInterceptor;
+import cn.efunbox.audio.aop.AllowOriginIntercepter;
 import cn.efunbox.audio.aop.AuthInterceptor;
+import cn.efunbox.audio.aop.IgnoreOptionsInterceptor;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.EnvironmentAware;
 import org.springframework.context.annotation.Bean;
@@ -38,6 +40,16 @@ public class Config extends WebMvcConfigurerAdapter{
         return new AdminInterceptor();
     }
 
+    @Bean
+    AllowOriginIntercepter allowOriginIntercepter(){
+        return new AllowOriginIntercepter();
+    }
+
+    @Bean
+    IgnoreOptionsInterceptor ignoreOptionsInterceptor(){
+        return new IgnoreOptionsInterceptor();
+    }
+
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
         registry.addInterceptor(authInterceptor())
@@ -47,21 +59,27 @@ public class Config extends WebMvcConfigurerAdapter{
         registry.addInterceptor(adminInterceptor())
                 .addPathPatterns("/**")
                 .excludePathPatterns("/device/**", "/admin/login", "/audio/search");
-    }
 
-    /**
-     * 允许跨域访问
-     * @param registry
-     */
-    @Override
-    public void addCorsMappings(CorsRegistry registry) {
-        registry.addMapping("/**")
-                .allowedOrigins("*")
-                .allowCredentials(true)
-                .allowedMethods("GET", "POST", "DELETE", "PUT", "OPTIONS")
-//                .allowedMethods("*")
-//                .allowedHeaders("*")
-                .maxAge(3600);
+        registry.addInterceptor(allowOriginIntercepter())
+                .addPathPatterns("/**");
+
+        registry.addInterceptor(ignoreOptionsInterceptor())
+                .addPathPatterns("/**");
     }
+//
+//    /**
+//     * 允许跨域访问
+//     * @param registry
+//     */
+//    @Override
+//    public void addCorsMappings(CorsRegistry registry) {
+//        registry.addMapping("/**")
+//                .allowedOrigins("*")
+//                .allowCredentials(true)
+//                .allowedMethods("GET", "POST", "DELETE", "PUT", "OPTIONS")
+////                .allowedMethods("*")
+////                .allowedHeaders("*")
+//                .maxAge(3600);
+//    }
 
 }