KERNEL-5056 feat: Websocket支持将token放入header而不是url中

fine-socketio/src/main/java/com/fr/third/socketio/handler/EncoderHandler.java

@@ -29,6 +29,7 @@ import java.util.jar.Manifest;
 
 import com.fr.third.socketio.Configuration;
 import com.fr.third.socketio.Transport;
+import com.fr.third.springframework.beans.propertyeditors.StringArrayPropertyEditor;
 import io.netty.util.concurrent.Future;
 import io.netty.util.concurrent.GenericFutureListener;
 import org.slf4j.Logger;
@@ -201,9 +202,17 @@ public class EncoderHandler extends ChannelOutboundHandlerAdapter {
             res.headers().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_CREDENTIALS, Boolean.TRUE);
         }
 
+        // 使websocket请求可携带特定header
         String allowHeaders = configuration.getAccessControlAllowHeaders();
+        // 取出现有access-control-allow-headers，去掉空格并拼接新的header到末尾。直接addHeader时IE 10/11会找不到。
         if (!isEmpty(allowHeaders)) {
-            res.headers().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS, configuration.getAccessControlAllowHeaders());
+            String header = res.headers().get(HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS);
+            if (!isEmpty(header)) {
+                header = header.trim() + StringArrayPropertyEditor.DEFAULT_SEPARATOR + configuration.getAccessControlAllowHeaders();
+                res.headers().set(HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS, header);
+            } else {
+                res.headers().set(HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS, configuration.getAccessControlAllowHeaders());
+            }
         }
     }