diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/CoreInterceptor.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/CoreInterceptor.java index fae124f..80256c4 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/CoreInterceptor.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/CoreInterceptor.java @@ -10,6 +10,8 @@ import cc.smtweb.framework.core.session.SessionUtil; import cc.smtweb.framework.core.session.UserSession; import cc.smtweb.framework.core.util.NumberUtil; import org.apache.commons.lang3.StringUtils; +import org.springframework.http.HttpMethod; +import org.springframework.http.HttpStatus; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; @@ -23,6 +25,21 @@ public class CoreInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { if (!SwConsts.SysParam.SYS_STARTED) throw new BizException("系统启动中,请稍候..."); + String _Origin=request.getHeader("Origin"); + response.setHeader("Access-Control-Allow-Origin", _Origin); + String headers =request.getHeader("Access-Control-Request-Headers"); + if (null !=headers && !"".equals(headers)) { + response.setHeader("Access-Control-Allow-Headers", headers); + } + response.setHeader("Access-Control-Allow-Credentials","true"); + response.setCharacterEncoding("UTF-8"); + response.setHeader("Access-Control-Allow-Methods", "POST, GET, PATCH, DELETE, PUT, OPTIONS"); + response.setHeader("Access-Control-Max-Age", "360000"); + // 如果是OPTIONS请求则结束 + if (HttpMethod.OPTIONS.toString().equals(request.getMethod())) { + response.setStatus(HttpStatus.OK.value()); + return false; + } SessionUtil.checkSession(request); return HandlerInterceptor.super.preHandle(request, response, handler); }