跨域配置 accessControlAllowOrigin 支持多域名、模糊匹配功能；增加 sessionIdCookieSecure 参数配置

modules/core/src/main/java/com/jeesite/common/shiro/filter/FormAuthenticationFilter.java

@@ -65,9 +65,10 @@ public class FormAuthenticationFilter extends org.apache.shiro.web.filter.authc.
 	 */
 	public FormAuthenticationFilter() {
 		super();
-		rememberUserCodeCookie = new SimpleCookie(REMEMBER_USERCODE_PARAM);
-		rememberUserCodeCookie.setHttpOnly(true);
-        rememberUserCodeCookie.setMaxAge(Cookie.ONE_YEAR);
+		rememberUserCodeCookie = new SimpleCookie();
+		rememberUserCodeCookie.setName(REMEMBER_USERCODE_PARAM);
+		rememberUserCodeCookie.setPath(Global.getProperty("session.sessionIdCookiePath"));
+		rememberUserCodeCookie.setSecure(Global.getPropertyToBoolean("session.sessionIdCookieSecure", "false"));
         instance = this;
 	}
 	

modules/core/src/main/resources/config/jeesite-core.yml

@@ -371,6 +371,7 @@ shiro:
   isAllowExternalSiteIframe: true
   
   # 是否允许跨域访问 CORS，如果允许，设置允许的域名。当设置'*'号全部域名时，accessControlAllowCredentials应该设置为false。
+  # v4.2.3 开始支持多个域名和模糊匹配，例如：http://*.jeesite.com,http://*.jeesite.net
 #  accessControlAllowOrigin: http://demo.jeesite.com
 #  accessControlAllowOrigin: '*'
 
@@ -454,6 +455,10 @@ session:
   # 共享的SessionId的Cookie名称，保存到跟路径下，第三方应用获取。同一域名下多个项目时需设置共享Cookie的名称。
   #shareSessionIdCookieName: ${session.sessionIdCookieName}
 
+  # 仅在 HTTPS 下通信 Cookie 数据
+  #session.sessionIdCookieSecure: false
+  #session.sessionIdCookieHttpOnly: true
+
   # 设置接收SessionId请求参数的名称
   sessionIdParamName: __sid
   

modules/core/src/main/resources/views/error/400.html

@@ -50,7 +50,7 @@ else {
 	</div>
 	<div class="copyright">
 		&copy; ${@DateUtils.getYear()} ${@Global.getConfig('productName')} - Powered By <a
-			href="http://jeesite.com">JeeSite ${@Global.getProperty('jeesiteVersion')}</a>
+			href="http://jeesite.com" target="_blank">JeeSite ${@Global.getProperty('jeesiteVersion')}</a>
 	</div>
 </div>
 <% } %>

modules/core/src/main/resources/views/error/403.html

@@ -37,7 +37,7 @@ else {
 	</div>
 	<div class="copyright">
 		&copy; ${@DateUtils.getYear()} ${@Global.getConfig('productName')} - Powered By <a
-			href="http://jeesite.com">JeeSite ${@Global.getProperty('jeesiteVersion')}</a>
+			href="http://jeesite.com" target="_blank">JeeSite ${@Global.getProperty('jeesiteVersion')}</a>
 	</div>
 </div>
 <% } %>

modules/core/src/main/resources/views/error/404.html

@@ -39,7 +39,7 @@ else {
 	</div>
 	<div class="copyright">
 		&copy; ${@DateUtils.getYear()} ${@Global.getConfig('productName')} - Powered By <a
-			href="http://jeesite.com">JeeSite ${@Global.getProperty('jeesiteVersion')}</a>
+			href="http://jeesite.com" target="_blank">JeeSite ${@Global.getProperty('jeesiteVersion')}</a>
 	</div>
 </div>
 <% } %>

modules/core/src/main/resources/views/error/500.html

@@ -45,7 +45,7 @@ else {
 	</div>
 	<div class="copyright">
 		&copy; ${@DateUtils.getYear()} ${@Global.getConfig('productName')} - Powered By <a
-			href="http://jeesite.com">JeeSite ${@Global.getProperty('jeesiteVersion')}</a>
+			href="http://jeesite.com" target="_blank">JeeSite ${@Global.getProperty('jeesiteVersion')}</a>
 	</div>
 </div>
 <% if (@Global.getPropertyToBoolean('error.page.printErrorInfo', 'true')

modules/core/src/main/resources/views/modules/sys/forgetPwd.html

@@ -95,7 +95,7 @@
 	<div class="login-copyright">
 		&copy; ${@DateUtils.getYear()} ${@Global.getConfig('productName')} - Powered By <a
 			id="loginKey" data-key="${@Global.getConfig('shiro.loginSubmit.secretKey')}"
-			href="http://jeesite.com" >JeeSite ${@Global.getProperty('jeesiteVersion')}</a>
+			href="http://jeesite.com" target="_blank">JeeSite ${@Global.getProperty('jeesiteVersion')}</a>
 	</div>
 </div>
 <% } %>

modules/core/src/main/resources/views/modules/sys/registerUser.html

@@ -91,7 +91,7 @@
 	<div class="login-copyright">
 		&copy; ${@DateUtils.getYear()} ${@Global.getConfig('productName')} - Powered By <a
 			id="loginKey" data-key="${@Global.getConfig('shiro.loginSubmit.secretKey')}"
-			href="http://jeesite.com" >JeeSite ${@Global.getProperty('jeesiteVersion')}</a>
+			href="http://jeesite.com" target="_blank">JeeSite ${@Global.getProperty('jeesiteVersion')}</a>
 	</div>
 </div>
 <% } %>

modules/core/src/main/resources/views/modules/sys/sysDesktop.html

@@ -714,7 +714,8 @@
 </div>
 <footer class="main-footer m0">
 	<div class="pull-right hidden-xs">当前版本： ${@Global.getConfig('productVersion')}</div>
-	&copy; ${@DateUtils.getYear()} ${@Global.getConfig('productName')} - Powered By <a href="http://jeesite.com">JeeSite</a>
+	&copy; ${@DateUtils.getYear()} ${@Global.getConfig('productName')} - Powered By
+	<a href="http://jeesite.com" target="_blank">JeeSite</a>
 </footer>
 <% } %>
 <script src="${ctxStatic}/jquery/jquery-ui-sortable-1.12.1.min.js"></script>

modules/core/src/main/resources/views/modules/sys/sysLogin.html

@@ -98,7 +98,7 @@
 	<div class="login-copyright">
 		&copy; ${@DateUtils.getYear()} ${@Global.getConfig('productName')} - Powered By <a
 			id="loginKey" data-key="${@Global.getConfig('shiro.loginSubmit.secretKey')}"
-			href="http://jeesite.com" >JeeSite ${@Global.getProperty('jeesiteVersion')}</a>
+			href="http://jeesite.com" target="_blank">JeeSite ${@Global.getProperty('jeesiteVersion')}</a>
 	</div>
 </div>
 <% } %>