common接口验证referer

3 weeks ago · e0dc3415a8
1 changed files with 2 additions and 1 deletions
--- a/data-center-business-controller/src/main/java/com/techsor/datacenter/business/configurator/CrosXssFilter.java
+++ b/data-center-business-controller/src/main/java/com/techsor/datacenter/business/configurator/CrosXssFilter.java
@ -52,7 +52,8 @@ public class CrosXssFilter implements Filter {

                    String requestUri = httpRequest.getRequestURI();
                    // 当 URL 不包含 /common/ 时，校验 Referer
-                    if (!requestUri.contains("/common/")) {
+//                    if (!requestUri.contains("/common/") && !requestUri.contains("swagger")) {
+                    if (!requestUri.contains("/swagger/")) {  
                        String referer = httpRequest.getHeader("Referer");
                        if (StringUtils.isNotBlank(referer)){
                            if(!"*".equals(accessControlAllowOrigin)){