This is an automated email from the ASF dual-hosted git repository.
tydhot pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-shenyu.git
The following commit(s) were added to refs/heads/master by this push:
new f6b09899d [type: refactor] optimize corss filter logic for safety.
(#3661)
f6b09899d is described below
commit f6b09899d74529e047a6190ab264813d57e85ba1
Author: Qicz <[email protected]>
AuthorDate: Mon Jul 4 16:16:04 2022 +0800
[type: refactor] optimize corss filter logic for safety. (#3661)
---
shenyu-bootstrap/src/main/resources/application.yml | 3 +++
.../apache/shenyu/common/config/ShenyuConfig.java | 20 ++++++++++++++++++++
.../org/apache/shenyu/web/filter/CrossFilter.java | 10 +++++++---
3 files changed, 30 insertions(+), 3 deletions(-)
diff --git a/shenyu-bootstrap/src/main/resources/application.yml
b/shenyu-bootstrap/src/main/resources/application.yml
index e2627619a..16e7c0b13 100644
--- a/shenyu-bootstrap/src/main/resources/application.yml
+++ b/shenyu-bootstrap/src/main/resources/application.yml
@@ -162,6 +162,9 @@ shenyu:
allowedMethods: "*"
allowedAnyOrigin: false
allowedOrigin:
+ # format : schema://prefix spacer domain
+ # Access-Control-Allow-Origin: "http://a.apache.org,http://b.apache.org";
+ spacer: "."
domain: apache.org
prefixes:
- a # a.apache.org
diff --git
a/shenyu-common/src/main/java/org/apache/shenyu/common/config/ShenyuConfig.java
b/shenyu-common/src/main/java/org/apache/shenyu/common/config/ShenyuConfig.java
index d9dcf073a..6e2e06cda 100644
---
a/shenyu-common/src/main/java/org/apache/shenyu/common/config/ShenyuConfig.java
+++
b/shenyu-common/src/main/java/org/apache/shenyu/common/config/ShenyuConfig.java
@@ -1138,10 +1138,30 @@ public class ShenyuConfig {
*/
public static class AllowedOriginConfig {
+ private String spacer = ".";
+
private String domain;
private Set<String> prefixes = new HashSet<>();
+ /**
+ * Gets the spacer.
+ *
+ * @return the value of spacer
+ */
+ public String getSpacer() {
+ return spacer;
+ }
+
+ /**
+ * Sets the spacer.
+ *
+ * @param spacer spacer
+ */
+ public void setSpacer(final String spacer) {
+ this.spacer = spacer;
+ }
+
/**
* Gets the domain.
*
diff --git
a/shenyu-web/src/main/java/org/apache/shenyu/web/filter/CrossFilter.java
b/shenyu-web/src/main/java/org/apache/shenyu/web/filter/CrossFilter.java
index ca7fd8223..b4a179b54 100644
--- a/shenyu-web/src/main/java/org/apache/shenyu/web/filter/CrossFilter.java
+++ b/shenyu-web/src/main/java/org/apache/shenyu/web/filter/CrossFilter.java
@@ -65,11 +65,15 @@ public class CrossFilter implements WebFilter {
} else if (Objects.nonNull(this.filterConfig.getAllowedOrigin())
&&
CollectionUtils.isNotEmpty(this.filterConfig.getAllowedOrigin().getPrefixes()))
{
final String scheme =
exchange.getRequest().getURI().getScheme();
- Set<String> allowedOrigin =
this.filterConfig.getAllowedOrigin().getPrefixes()
+ final CrossFilterConfig.AllowedOriginConfig
allowedOriginConfig = this.filterConfig.getAllowedOrigin();
+ Set<String> allowedOrigin = allowedOriginConfig.getPrefixes()
.stream()
.filter(StringUtils::isNoneBlank)
- // scheme://prefix.domain
- .map(prefix -> String.format("%s://%s.%s", scheme,
prefix.trim(), this.filterConfig.getAllowedOrigin().getDomain()))
+ // scheme://prefix spacer domain
+ .map(prefix -> String.format("%s://%s%s%s",
+ scheme, prefix.trim(),
+
StringUtils.defaultString(allowedOriginConfig.getSpacer(), ".").trim(),
+
StringUtils.defaultString(allowedOriginConfig.getDomain(), "").trim()))
.collect(Collectors.toSet());
if (allowedOrigin.contains(origin)) {
headers.set(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN,
origin);
