|
@@ -35,7 +35,11 @@ public class SessionFilter implements Filter {
|
|
|
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {
|
|
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {
|
|
|
HttpServletResponse httpServletResponse = (HttpServletResponse)servletResponse;
|
|
HttpServletResponse httpServletResponse = (HttpServletResponse)servletResponse;
|
|
|
HttpServletRequest request = (HttpServletRequest)servletRequest;
|
|
HttpServletRequest request = (HttpServletRequest)servletRequest;
|
|
|
- httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
|
|
|
|
|
|
|
+ String origin = request.getHeader("Origin");
|
|
|
|
|
+ if(origin == null) {
|
|
|
|
|
+ origin = request.getHeader("Referer");
|
|
|
|
|
+ }
|
|
|
|
|
+ httpServletResponse.setHeader("Access-Control-Allow-Origin", origin);
|
|
|
httpServletResponse.setHeader("Access-Control-Allow-Methods",
|
|
httpServletResponse.setHeader("Access-Control-Allow-Methods",
|
|
|
"POST, GET, OPTIONS, DELETE");
|
|
"POST, GET, OPTIONS, DELETE");
|
|
|
httpServletResponse.setHeader("Access-Control-Max-Age", "3600");
|
|
httpServletResponse.setHeader("Access-Control-Max-Age", "3600");
|
