From 15cfa7e2d1048f7b37c5fb8ed33e64c35f5fa303 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9A=AE=E5=85=89=EF=BC=9A=E5=9F=8E=E4=B8=AD=E5=9F=8E?= <806783409@qq.com> Date: Fri, 1 Feb 2019 18:37:55 +0800 Subject: [PATCH] =?UTF-8?q?=E7=99=BD=E5=90=8D=E5=8D=95=E4=BD=BF=E7=94=A8?= =?UTF-8?q?=E6=AD=A3=E5=88=99=E5=8C=B9=E9=85=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/main/resources/application.yml | 4 ++-- .../src/test/java/com/zyplayer/doc/test/Test.java | 13 +++++++++++++ .../swagger/controller/MgHttpRequestController.java | 12 ++++++++++-- 3 files changed, 25 insertions(+), 4 deletions(-) create mode 100644 zyplayer-doc-manage/src/test/java/com/zyplayer/doc/test/Test.java diff --git a/zyplayer-doc-manage/src/main/resources/application.yml b/zyplayer-doc-manage/src/main/resources/application.yml index 39e62337..4194657b 100644 --- a/zyplayer-doc-manage/src/main/resources/application.yml +++ b/zyplayer-doc-manage/src/main/resources/application.yml @@ -13,8 +13,8 @@ zyplayer: doc: swagger: proxy-request: - # 内部访问时可以代理请求的域名,使用 ; 分割,必须设置,防止访问到内部地址资源 - white-domain: http://127.0.0.1/;http://www.baidu.com/;http://swagger-bootstrap-ui.xiaominfo.com/ + # 允许代理请求的域名,正则表达式,多个使用 ; 分割,必须设置,防止通过代理接口访问到内部资源,实在觉得没必要可设置为:.+ + white-domain: \S+\.zyplayer\.com;127.0.1:8080;\S+\.xiaominfo\.com; # zyplayer_doc_manage管理端的数据库配置 manage: datasource: diff --git a/zyplayer-doc-manage/src/test/java/com/zyplayer/doc/test/Test.java b/zyplayer-doc-manage/src/test/java/com/zyplayer/doc/test/Test.java new file mode 100644 index 00000000..0c795cd4 --- /dev/null +++ b/zyplayer-doc-manage/src/test/java/com/zyplayer/doc/test/Test.java @@ -0,0 +1,13 @@ +package com.zyplayer.doc.test; + +public class Test { + + public static void main(String[] args) { + String originRegex = "\\w+\\.zyplayer\\.com"; + String origin = "http://doc.zyplayer.com/manage/"; + origin = origin.replace("http://", "").replace("https://", ""); + origin = origin.substring(0, origin.indexOf("/")); + System.out.println(origin.toLowerCase().matches(originRegex)); + } + +} diff --git a/zyplayer-doc-swagger/src/main/java/com/zyplayer/doc/swagger/controller/MgHttpRequestController.java b/zyplayer-doc-swagger/src/main/java/com/zyplayer/doc/swagger/controller/MgHttpRequestController.java index 72f77b4a..d82eb206 100644 --- a/zyplayer-doc-swagger/src/main/java/com/zyplayer/doc/swagger/controller/MgHttpRequestController.java +++ b/zyplayer-doc-swagger/src/main/java/com/zyplayer/doc/swagger/controller/MgHttpRequestController.java @@ -40,12 +40,20 @@ public class MgHttpRequestController { if (whiteDomain == null || whiteDomain.isEmpty()) { return DocResponseJson.warn("未设置代理请求白名单,不能代理请求"); } - long inWhiteList = whiteDomain.stream().filter(paramUrl::startsWith).count(); + paramUrl = paramUrl.replace("http://", "").replace("https://", ""); + String regexStr = paramUrl.substring(0, paramUrl.indexOf("/")); + long inWhiteList = whiteDomain.stream().filter(val -> regexStr.matches(val)).count(); if (inWhiteList <= 0) { return DocResponseJson.warn("该域名不在白名单内,不能代理请求"); } HttpRequest request = param.createRequest(); - HttpResponse response = request.execute(); + HttpResponse response; + try{ + response = request.execute(); + } catch (Exception e) { + e.printStackTrace(); + return DocResponseJson.warn("请求失败,请检查域名是否正确"); + } HttpRequestVo httpRequestVo = new HttpRequestVo(); httpRequestVo.setData(response.body()); httpRequestVo.setStatus(response.getStatus());