From 63007db3d50141c6146e1ff6978186a413c4c3e6 Mon Sep 17 00:00:00 2001 From: "Cloud.Liu" Date: Thu, 13 Aug 2020 09:27:58 +0800 Subject: [PATCH 1/2] =?UTF-8?q?=E6=97=A0JIRA=E4=BB=BB=E5=8A=A1=20WebSocket?= =?UTF-8?q?=E6=94=AF=E6=8C=81=E5=B0=86=E7=94=A8=E6=88=B7=E5=90=8D=E5=92=8C?= =?UTF-8?q?token=E6=94=BE=E5=9C=A8Header=E9=87=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/fr/third/socketio/handler/EncoderHandler.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fine-socketio/src/main/java/com/fr/third/socketio/handler/EncoderHandler.java b/fine-socketio/src/main/java/com/fr/third/socketio/handler/EncoderHandler.java index ba5cfc3e6..3752427f4 100644 --- a/fine-socketio/src/main/java/com/fr/third/socketio/handler/EncoderHandler.java +++ b/fine-socketio/src/main/java/com/fr/third/socketio/handler/EncoderHandler.java @@ -186,6 +186,10 @@ public class EncoderHandler extends ChannelOutboundHandlerAdapter { } private void addOriginHeaders(String origin, HttpResponse res) { + + // 使WebSocket连接时可添加fine_username和fine_auth_token的Header + res.headers().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS, "fine_username,fine_auth_token"); + if (version != null) { res.headers().add(HttpHeaderNames.SERVER, version); } From 13fdb6f2ae5464d04c4b0014619fbd9164eb1f2c Mon Sep 17 00:00:00 2001 From: "Cloud.Liu" Date: Thu, 13 Aug 2020 10:32:48 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E6=97=A0JIRA=E4=BB=BB=E5=8A=A1=20WebSocket?= =?UTF-8?q?=E6=94=AF=E6=8C=81=E5=B0=86=E7=94=A8=E6=88=B7=E5=90=8D=E5=92=8C?= =?UTF-8?q?token=E6=94=BE=E5=9C=A8Header=E9=87=8C=20=E4=BB=A3=E7=A0=81?= =?UTF-8?q?=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/fr/third/socketio/Configuration.java | 12 ++++++++++++ .../third/socketio/handler/EncoderHandler.java | 17 ++++++++++------- 2 files changed, 22 insertions(+), 7 deletions(-) diff --git a/fine-socketio/src/main/java/com/fr/third/socketio/Configuration.java b/fine-socketio/src/main/java/com/fr/third/socketio/Configuration.java index 78d1f8463..4f3bea8fb 100644 --- a/fine-socketio/src/main/java/com/fr/third/socketio/Configuration.java +++ b/fine-socketio/src/main/java/com/fr/third/socketio/Configuration.java @@ -89,6 +89,8 @@ public class Configuration { private boolean randomSession = false; + private String accessControlAllowHeaders = null; + public Configuration() { } @@ -155,6 +157,8 @@ public class Configuration { setHttpCompression(conf.isHttpCompression()); setWebsocketCompression(conf.isWebsocketCompression()); setRandomSession(conf.randomSession); + + setAccessControlAllowHeaders(conf.getAccessControlAllowHeaders()); } public JsonSupport getJsonSupport() { @@ -584,4 +588,12 @@ public class Configuration { public void setRandomSession(boolean randomSession) { this.randomSession = randomSession; } + + public String getAccessControlAllowHeaders() { + return accessControlAllowHeaders; + } + + public void setAccessControlAllowHeaders(String accessControlAllowHeaders) { + this.accessControlAllowHeaders = accessControlAllowHeaders; + } } diff --git a/fine-socketio/src/main/java/com/fr/third/socketio/handler/EncoderHandler.java b/fine-socketio/src/main/java/com/fr/third/socketio/handler/EncoderHandler.java index 3752427f4..cd7a93b51 100644 --- a/fine-socketio/src/main/java/com/fr/third/socketio/handler/EncoderHandler.java +++ b/fine-socketio/src/main/java/com/fr/third/socketio/handler/EncoderHandler.java @@ -15,6 +15,7 @@ */ package com.fr.third.socketio.handler; +import static com.fr.third.springframework.util.StringUtils.isEmpty; import static io.netty.handler.codec.http.HttpVersion.HTTP_1_1; import java.io.IOException; @@ -121,7 +122,7 @@ public class EncoderHandler extends ChannelOutboundHandlerAdapter { .add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS, HttpHeaderNames.CONTENT_TYPE); String origin = ctx.channel().attr(ORIGIN).get(); - addOriginHeaders(origin, res); + addOriginAndAllowHeaders(origin, res); ByteBuf out = encoder.allocateBuffer(ctx.alloc()); sendMessage(msg, ctx.channel(), out, res, promise); @@ -143,7 +144,7 @@ public class EncoderHandler extends ChannelOutboundHandlerAdapter { } String origin = channel.attr(ORIGIN).get(); - addOriginHeaders(origin, res); + addOriginAndAllowHeaders(origin, res); HttpUtil.setContentLength(res, out.readableBytes()); @@ -185,10 +186,7 @@ public class EncoderHandler extends ChannelOutboundHandlerAdapter { sendMessage(errorMsg, ctx.channel(), encBuf, "application/json", promise, HttpResponseStatus.BAD_REQUEST); } - private void addOriginHeaders(String origin, HttpResponse res) { - - // 使WebSocket连接时可添加fine_username和fine_auth_token的Header - res.headers().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS, "fine_username,fine_auth_token"); + private void addOriginAndAllowHeaders(String origin, HttpResponse res) { if (version != null) { res.headers().add(HttpHeaderNames.SERVER, version); @@ -196,12 +194,17 @@ public class EncoderHandler extends ChannelOutboundHandlerAdapter { if (origin != null) { String configOrigin = configuration.getOrigin(); - if (configOrigin != null && !"".equals(configOrigin) && !configOrigin.contains(origin)) { + if (!isEmpty(configOrigin) && !configOrigin.contains(origin)) { throw new IllegalArgumentException(); } res.headers().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN, origin); res.headers().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_CREDENTIALS, Boolean.TRUE); } + + String allowHeaders = configuration.getAccessControlAllowHeaders(); + if (!isEmpty(allowHeaders)) { + res.headers().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS, configuration.getAccessControlAllowHeaders()); + } } @Override