Examples with TextRender - com.duangframework.mvc.render.TextRender

Example 1 with TextRender

use of com.duangframework.mvc.render.TextRender in project duangframework by tcrct.

the class CORSHandle method execute.

/**
 * 	执行处理器
 * @param target			请求URI
 * @param request			请求对象
 * @param response		返回对象
 * @throws Exception
 */
@Override
public void execute(String target, IRequest request, IResponse response) throws Exception {
    if (ToolsKit.isEmpty(allowHostMap)) {
        return;
    }
    String host = "";
    boolean isAllowAccess = false;
    String allowhost = request.getHeader("Host");
    if (ToolsKit.isEmpty(allowhost)) {
        allowhost = request.getHeader("Origin");
        if (ToolsKit.isEmpty(allowhost)) {
            allowhost = request.getHeader("Referer");
        }
        if (ToolsKit.isEmpty(allowhost)) {
            allowhost = request.getRequestURL().toString();
        }
        if (ToolsKit.isEmpty(allowhost)) {
            String key = request.getParameter("allowhost");
            allowhost = allowHostMap.get(key);
        }
    }
    if (ToolsKit.isNotEmpty(allowhost)) {
        host = allowhost.toLowerCase().replace(PROTOCOL, "").replace(PROTOCOLS, "").replace("*", "");
        int endIndex = host.indexOf(":");
        host = host.substring(0, endIndex > -1 ? endIndex : host.length());
        if (host.startsWith("127.0") || host.startsWith("192.168") || host.toLowerCase().startsWith("localhost")) {
            isAllowAccess = true;
        } else {
            // isAllowAccess = allowHostMap.containsValue(host);
            for (Iterator<Map.Entry<String, String>> iterator = allowHostMap.entrySet().iterator(); iterator.hasNext(); ) {
                Map.Entry<String, String> entry = iterator.next();
                if (host.contains(entry.getValue())) {
                    isAllowAccess = true;
                    break;
                }
            }
        }
    }
    if (isAllowAccess) {
        response.setHeader("Access-Control-Allow-Origin", host);
        response.setHeader("Access-Control-Allow-Credentials", "true");
        String allowString = "Accept,Content-Type,Access-Control-Allow-Headers,Authorization,X-Requested-With,Authoriza,duang-token-id";
        if (ToolsKit.isEmpty(accessControlAllowHeaders)) {
            accessControlAllowHeaders = allowString;
            String[] arrayItem = ConfigKit.duang().key("allow.host.headers").asArray();
            if (ToolsKit.isNotEmpty(arrayItem)) {
                for (String allowItem : arrayItem) {
                    accessControlAllowHeaders += "," + allowItem;
                }
            }
        }
        response.setHeader("Access-Control-Allow-Headers", accessControlAllowHeaders);
        // 如果是OPTIONS请求且符合CORS规则，则返回200
        if (HttpMethod.OPTIONS.name().equalsIgnoreCase(request.getMethod())) {
            TextRender render = new TextRender("200");
            render.setContext(request, response).render();
            return;
        }
    } else {
        throw new DuangMvcException("the reqeust is not allow");
    }
}

Also used : TextRender(com.duangframework.mvc.render.TextRender) DuangMvcException(com.duangframework.core.exceptions.DuangMvcException) Map(java.util.Map) HashMap(java.util.HashMap)

Aggregations

DuangMvcException (com.duangframework.core.exceptions.DuangMvcException)1 TextRender (com.duangframework.mvc.render.TextRender)1 HashMap (java.util.HashMap)1 Map (java.util.Map)1