https://github.com/chatopera/cskefu/issues/703 enhance cors policy, split Interceptors

2025-07-24 08:31:45 +08:00 · 2022-04-29 11:41:41 +08:00 · 2022-04-29 11:41:41 +08:00 · 324defc2f3
commit 324defc2f3
parent 2d11e37c57
3 changed files with 48 additions and 28 deletions
--- a/contact-center/app/src/main/java/com/chatopera/cc/config/CSKeFuWebAppConfigurer.java
+++ b/contact-center/app/src/main/java/com/chatopera/cc/config/CSKeFuWebAppConfigurer.java
@ -16,10 +16,7 @@
 */
 package com.chatopera.cc.config;
-import com.chatopera.cc.interceptor.CrossInterceptorHandler;
+import com.chatopera.cc.interceptor.*;
 import com.chatopera.cc.interceptor.LogIntercreptorHandler;
 import com.chatopera.cc.interceptor.UserExperiencePlanInterceptorHandler;
 import com.chatopera.cc.interceptor.UserInterceptorHandler;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.*;
@ -47,6 +44,7 @@ public class CSKeFuWebAppConfigurer
        registry.addInterceptor(new UserInterceptorHandler()).addPathPatterns("/**").excludePathPatterns("/login.html", "/im/**", "/res/image*", "/res/file*", "/cs/**", "/messenger/webhook/*");
        registry.addInterceptor(new CrossInterceptorHandler()).addPathPatterns("/**");
        registry.addInterceptor(new LogIntercreptorHandler()).addPathPatterns("/**");
        registry.addInterceptor(new ViewsInterceptorHandler()).addPathPatterns("/**");
        super.addInterceptors(registry);
    }
 }
--- a/contact-center/app/src/main/java/com/chatopera/cc/interceptor/CrossInterceptorHandler.java
+++ b/contact-center/app/src/main/java/com/chatopera/cc/interceptor/CrossInterceptorHandler.java
@ -16,11 +16,8 @@
 */
 package com.chatopera.cc.interceptor;
 import com.chatopera.cc.basic.MainContext;
 import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.web.servlet.ModelAndView;
 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 import javax.servlet.http.HttpServletRequest;
@ -29,27 +26,14 @@ import javax.servlet.http.HttpServletResponse;
 public class CrossInterceptorHandler extends HandlerInterceptorAdapter {
    private final static Logger logger = LoggerFactory.getLogger(CrossInterceptorHandler.class);
-//    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
 //            throws Exception {
 //        response.setHeader("Access-Control-Allow-Origin", "*");
 //        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT");
 //        response.setHeader("Access-Control-Max-Age", "3600");
 //        response.setHeader("Access-Control-Allow-Headers", "x-requested-with,accept,authorization,content-type");
 //        response.setHeader("Access-Control-Allow-Credentials", "true");
 ////        response.setHeader("X-Frame-Options", "SAMEORIGIN");
 //        return true;
 //    }
    @Override
    public void postHandle(HttpServletRequest arg0, HttpServletResponse response, Object arg2,
                           ModelAndView view) throws Exception {
        if ((view != null) && !StringUtils.equals(view.getViewName(), "redirect:/")) {
            view.addObject("models", MainContext.getModules());
        }
    }
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
            throws Exception {
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "x-requested-with,accept,authorization,content-type");
        response.setHeader("Access-Control-Allow-Credentials", "true");
 //        response.setHeader("X-Frame-Options", "SAMEORIGIN");
        return true;
    }
 }
--- a/contact-center/app/src/main/java/com/chatopera/cc/interceptor/ViewsInterceptorHandler.java
+++ b/contact-center/app/src/main/java/com/chatopera/cc/interceptor/ViewsInterceptorHandler.java
@ -0,0 +1,38 @@
 /*
 * Copyright (C) 2019-2022 Chatopera Inc, <https://www.chatopera.com>
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
 package com.chatopera.cc.interceptor;
 import com.chatopera.cc.basic.MainContext;
 import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.web.servlet.ModelAndView;
 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 public class ViewsInterceptorHandler extends HandlerInterceptorAdapter {
    private final static Logger logger = LoggerFactory.getLogger(ViewsInterceptorHandler.class);
    @Override
    public void postHandle(HttpServletRequest arg0, HttpServletResponse response, Object arg2,
                           ModelAndView view) throws Exception {
        if ((view != null) && !StringUtils.equals(view.getViewName(), "redirect:/")) {
            view.addObject("models", MainContext.getModules());
        }
    }
 }