|
|
@@ -25,7 +25,10 @@ public class AuthFilter extends ZuulFilter {
|
|
|
RequestContext requestContext = RequestContext.getCurrentContext();
|
|
|
requestContext.getZuulRequestHeaders().put("HTTP_X_FORWARDED_FOR", getRealIp(requestContext.getRequest()));
|
|
|
HttpServletResponse response = requestContext.getResponse();
|
|
|
- response.setHeader("Access-Control-Allow-Origin", "https://*.lexiaoya.cn");
|
|
|
+ String origin = requestContext.getRequest().getHeader("Origin");
|
|
|
+ if (origin != null && origin.endsWith(".lexiaoya.cn")) {
|
|
|
+ response.setHeader("Access-Control-Allow-Origin", origin);
|
|
|
+ }
|
|
|
response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
|
|
|
response.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
|
|
|
response.setHeader("Access-Control-Allow-Credentials", "true");
|
