cors

report-core/src/main/java/com/anjiplus/template/gaea/business/filter/CORSFilter.java

@@ -3,6 +3,7 @@ package com.anjiplus.template.gaea.business.filter;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
+import org.springframework.http.server.reactive.ServerHttpRequest;
 
 import javax.servlet.*;
 import javax.servlet.annotation.WebFilter;
@@ -20,13 +21,14 @@ public class CORSFilter implements Filter {
     @Override
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
             throws IOException, ServletException {
+        ServerHttpRequest req = (ServerHttpRequest) request;
         HttpServletResponse res = (HttpServletResponse) response;
         // 设置允许Cookie
         res.addHeader("Access-Control-Allow-Credentials", "true");
         // 允许http://www.xxx.com域（自行设置，这里只做示例）发起跨域请求
-        res.addHeader("Access-Control-Allow-Origin", "*");
+        res.addHeader("Access-Control-Allow-Origin", req.getHeaders().getOrigin());
         // 设置允许跨域请求的方法
-        res.addHeader("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
+        res.addHeader("Access-Control-Allow-Methods", "*");
         // 允许跨域请求包含content-type
         res.addHeader("Access-Control-Allow-Headers", "*");
 //        if (((HttpServletRequest) request).getMethod().equals("OPTIONS")) {