From 383f81a84b40359b5d3c9849caf368c688e82ec4 Mon Sep 17 00:00:00 2001
From: thinkgem
Date: Thu, 11 Mar 2021 21:04:50 +0800
Subject: [PATCH] =?UTF-8?q?=E8=B7=A8=E5=9F=9F=E9=85=8D=E7=BD=AE=20accessCo?=
 =?UTF-8?q?ntrolAllowOrigin=20=E6=94=AF=E6=8C=81=E5=A4=9A=E5=9F=9F?=
 =?UTF-8?q?=E5=90=8D=E3=80=81=E6=A8=A1=E7=B3=8A=E5=8C=B9=E9=85=8D=E5=8A=9F?=
 =?UTF-8?q?=E8=83=BD=EF=BC=9B=E5=A2=9E=E5=8A=A0=20sessionIdCookieSecure=20?=
 =?UTF-8?q?=E5=8F=82=E6=95=B0=E9=85=8D=E7=BD=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../common/shiro/filter/FormAuthenticationFilter.java | 7 ++++---
 modules/core/src/main/resources/config/jeesite-core.yml | 5 +++++
 modules/core/src/main/resources/views/error/400.html | 2 +-
 modules/core/src/main/resources/views/error/403.html | 2 +-
 modules/core/src/main/resources/views/error/404.html | 2 +-
 modules/core/src/main/resources/views/error/500.html | 2 +-
 .../src/main/resources/views/modules/sys/forgetPwd.html | 2 +-
 .../src/main/resources/views/modules/sys/registerUser.html | 2 +-
 .../src/main/resources/views/modules/sys/sysDesktop.html | 3 ++-
 .../src/main/resources/views/modules/sys/sysLogin.html | 2 +-
 web/src/main/resources/config/application.yml | 1 +
 11 files changed, 19 insertions(+), 11 deletions(-)

diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormAuthenticationFilter.java b/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormAuthenticationFilter.java
index a293ee9e..5581f20e 100644
--- a/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormAuthenticationFilter.java
+++ b/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormAuthenticationFilter.java
@@ -65,9 +65,10 @@ public class FormAuthenticationFilter extends org.apache.shiro.web.filter.authc. */ public FormAuthenticationFilter() { super(); - rememberUserCodeCookie = new SimpleCookie(REMEMBER_USERCODE_PARAM); - rememberUserCodeCookie.setHttpOnly(true); - rememberUserCodeCookie.setMaxAge(Cookie.ONE_YEAR); + rememberUserCodeCookie = new SimpleCookie(); + rememberUserCodeCookie.setName(REMEMBER_USERCODE_PARAM); + rememberUserCodeCookie.setPath(Global.getProperty("session.sessionIdCookiePath")); + rememberUserCodeCookie.setSecure(Global.getPropertyToBoolean("session.sessionIdCookieSecure", "false")); instance = this; } diff --git a/modules/core/src/main/resources/config/jeesite-core.yml b/modules/core/src/main/resources/config/jeesite-core.yml index 753e8c65..211a7168 100644 --- a/modules/core/src/main/resources/config/jeesite-core.yml +++ b/modules/core/src/main/resources/config/jeesite-core.yml @@ -371,6 +371,7 @@ shiro: isAllowExternalSiteIframe: true # 是否允许跨域访问 CORS,如果允许,设置允许的域名。当设置'*'号全部域名时,accessControlAllowCredentials应该设置为false。 + # v4.2.3 开始支持多个域名和模糊匹配,例如:http://*.jeesite.com,http://*.jeesite.net # accessControlAllowOrigin: http://demo.jeesite.com # accessControlAllowOrigin: '*' @@ -454,6 +455,10 @@ session: # 共享的SessionId的Cookie名称,保存到跟路径下,第三方应用获取。同一域名下多个项目时需设置共享Cookie的名称。 #shareSessionIdCookieName: ${session.sessionIdCookieName} + # 仅在 HTTPS 下通信 Cookie 数据 + #session.sessionIdCookieSecure: false + #session.sessionIdCookieHttpOnly: true + # 设置接收SessionId请求参数的名称 sessionIdParamName: __sid diff --git a/modules/core/src/main/resources/views/error/400.html b/modules/core/src/main/resources/views/error/400.html index e9c1a5f7..edfc0347 100644 --- a/modules/core/src/main/resources/views/error/400.html +++ b/modules/core/src/main/resources/views/error/400.html @@ -50,7 +50,7 @@ else { <% } %> diff --git a/modules/core/src/main/resources/views/error/403.html b/modules/core/src/main/resources/views/error/403.html index 0b5e80b8..36615970 100644 
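Review bot: The rebuilt rememberUserCodeCookie no longer sets a max-age: the removed `setMaxAge(Cookie.ONE_YEAR)` has no counterpart after the new `setName`/`setPath`/`setSecure` calls, and as far as I recall Shiro's no-arg `SimpleCookie()` defaults to a browser-session cookie (max-age -1), so the remembered user code would now be lost when the browser closes. The explicit `setHttpOnly(true)` is also dropped; Shiro's no-arg constructor defaults httpOnly to true, so that is not a regression on its own, but since the same commit documents a `session.sessionIdCookieHttpOnly` key in jeesite-core.yml the constructor could honour that key rather than rely on the library default. Suggest adding `rememberUserCodeCookie.setHttpOnly(Global.getPropertyToBoolean("session.sessionIdCookieHttpOnly", "true"));` and `rememberUserCodeCookie.setMaxAge(Cookie.ONE_YEAR);` after the setSecure call, plus a comment on the setSecure line noting that the `"false"` default keeps plain-HTTP deployments working but should be set to true wherever the site is served over HTTPS.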
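Review bot: The added comment advertises wildcard origins such as `http://*.jeesite.com`, but the warning on the line above it only says that `'*'` must not be combined with `accessControlAllowCredentials`; a wildcard subdomain pattern with credentials enabled extends credentialed cross-origin trust to every host that matches the pattern, so the caveat applies to patterns as well and the comment should say so. Suggest extending the new line with a clause, in the file's language, to the effect of "wildcard patterns should likewise be used with care when accessControlAllowCredentials is true, since every matching host is trusted". The identical comment is added to web/src/main/resources/config/application.yml in this patch and should get the same wording; how the pattern matching itself is implemented is not visible in this diff.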
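Review bot: The two new commented-out keys carry a `session.` prefix even though they sit inside the `session:` mapping, unlike the neighbouring `#shareSessionIdCookieName` which does not; uncommented as written they would flatten to `session.session.sessionIdCookieSecure` and `session.session.sessionIdCookieHttpOnly`, and FormAuthenticationFilter, which reads `session.sessionIdCookieSecure`, would silently keep its `false` default. Suggest `#sessionIdCookieSecure: false` and `#sessionIdCookieHttpOnly: true`. The comment `仅在 HTTPS 下通信 Cookie 数据` describes only the Secure flag; it would help to add that HttpOnly keeps the cookie out of reach of page script, and that Secure must stay false on plain-HTTP deployments, where the browser would otherwise not send the session cookie at all. Whether the session-cookie setup elsewhere reads the HttpOnly key is not visible in this diff.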
--- a/modules/core/src/main/resources/views/error/403.html +++ b/modules/core/src/main/resources/views/error/403.html @@ -37,7 +37,7 @@ else { <% } %> diff --git a/modules/core/src/main/resources/views/error/404.html b/modules/core/src/main/resources/views/error/404.html index 9f577e07..0ddccaf2 100644 --- a/modules/core/src/main/resources/views/error/404.html +++ b/modules/core/src/main/resources/views/error/404.html @@ -39,7 +39,7 @@ else { <% } %> diff --git a/modules/core/src/main/resources/views/error/500.html b/modules/core/src/main/resources/views/error/500.html index cc831d4a..63cc7df1 100644 --- a/modules/core/src/main/resources/views/error/500.html +++ b/modules/core/src/main/resources/views/error/500.html @@ -45,7 +45,7 @@ else { <% if (@Global.getPropertyToBoolean('error.page.printErrorInfo', 'true') diff --git a/modules/core/src/main/resources/views/modules/sys/forgetPwd.html b/modules/core/src/main/resources/views/modules/sys/forgetPwd.html index 02123553..37e37a94 100644 --- a/modules/core/src/main/resources/views/modules/sys/forgetPwd.html +++ b/modules/core/src/main/resources/views/modules/sys/forgetPwd.html @@ -95,7 +95,7 @@ <% } %> diff --git a/modules/core/src/main/resources/views/modules/sys/registerUser.html b/modules/core/src/main/resources/views/modules/sys/registerUser.html index a5cdc8d6..4c84bea2 100644 --- a/modules/core/src/main/resources/views/modules/sys/registerUser.html +++ b/modules/core/src/main/resources/views/modules/sys/registerUser.html @@ -91,7 +91,7 @@ <% } %> diff --git a/modules/core/src/main/resources/views/modules/sys/sysDesktop.html b/modules/core/src/main/resources/views/modules/sys/sysDesktop.html index a332816c..a0880bd5 100644 --- a/modules/core/src/main/resources/views/modules/sys/sysDesktop.html +++ b/modules/core/src/main/resources/views/modules/sys/sysDesktop.html @@ -714,7 +714,8 @@ <% } %> 
diff --git a/modules/core/src/main/resources/views/modules/sys/sysLogin.html b/modules/core/src/main/resources/views/modules/sys/sysLogin.html index d54244de..0f2ca550 100644 --- a/modules/core/src/main/resources/views/modules/sys/sysLogin.html +++ b/modules/core/src/main/resources/views/modules/sys/sysLogin.html @@ -98,7 +98,7 @@ <% } %> diff --git a/web/src/main/resources/config/application.yml b/web/src/main/resources/config/application.yml index 6eed37f9..83e4c931 100644 --- a/web/src/main/resources/config/application.yml +++ b/web/src/main/resources/config/application.yml @@ -484,6 +484,7 @@ shiro: # isAllowExternalSiteIframe: true # # # 是否允许跨域访问 CORS,如果允许,设置允许的域名。当设置'*'号全部域名时,accessControlAllowCredentials应该设置为false。 +# # v4.2.3 开始支持多个域名和模糊匹配,例如:http://*.jeesite.com,http://*.jeesite.net ## accessControlAllowOrigin: http://demo.jeesite.com ## accessControlAllowOrigin: '*' #