Yansen 1 anno fa
parent
commit
1c7da75368

+ 1
- 1
pom.xml Vedi File

@@ -10,7 +10,7 @@
10 10
 	</parent>
11 11
 	<groupId>com.njyunzhi</groupId>
12 12
 	<artifactId>invoice</artifactId>
13
-	<version>0.0.6</version>
13
+	<version>0.0.8</version>
14 14
 	<name>invoice-fill</name>
15 15
 	<description>发票填报</description>
16 16
 	<properties>

+ 1
- 1
src/main/java/com/njyunzhi/invoice/config/cros/CorsFilter.java Vedi File

@@ -28,7 +28,7 @@ public class CorsFilter extends OncePerRequestFilter {
28 28
         response.setHeader("Access-Control-Allow-Origin", origin);
29 29
         response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
30 30
         response.setHeader("Access-Control-Max-Age", "3600");
31
-        response.setHeader("Access-Control-Allow-Headers", "*");
31
+        response.setHeader("Access-Control-Allow-Headers", String.join(", ", crosProperties.getAllowHeaders()));
32 32
         response.addHeader("Access-Control-Expose-Headers", String.join(", ", crosProperties.getExposedHeaders()));
33 33
 
34 34
         if ("OPTIONS".equals(request.getMethod())) {

+ 1
- 0
src/main/java/com/njyunzhi/invoice/config/cros/CorsProperties.java Vedi File

@@ -14,4 +14,5 @@ public class CorsProperties {
14 14
     List<String> origins;
15 15
     List<String> methods;
16 16
     List<String> exposedHeaders;
17
+    List<String> allowHeaders;
17 18
 }

+ 2
- 0
src/main/resources/application-dev.yml Vedi File

@@ -30,6 +30,8 @@ cors:
30 30
   exposedHeaders:
31 31
     - Authorization
32 32
     - Content-Disposition
33
+  allowHeaders:
34
+    - Authorization
33 35
   methods:
34 36
     - GET
35 37
     - POST

+ 2
- 0
src/main/resources/application-prod.yml Vedi File

@@ -17,6 +17,8 @@ cors:
17 17
   exposedHeaders:
18 18
     - Authorization
19 19
     - Content-Disposition
20
+  allowHeaders:
21
+    - Authorization
20 22
   methods:
21 23
     - GET
22 24
     - POST