TRKJ/EdgeAdmin
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeAdmin.git synced 2025-11-08 07:50:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

HTTP Header - CORS跨域设置增加多个选项

Browse Source
This commit is contained in:
刘祥超
2023-05-19 16:32:28 +08:00
parent 79b4054e31
commit 1f5894ff82
3 changed files with 97 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/web/actions/default/servers/server/settings/headers/updateCORSPopup.go
View File

@@ -49,7 +49,7 @@ func (this *UpdateCORSPopupAction) RunPost(params struct {
Must *actions.Must Must *actions.Must
CSRF *actionutils.CSRF CSRF *actionutils.CSRF
}) { }) {
var config = &shared.HTTPCORSHeaderConfig{} var config = shared.NewHTTPCORSHeaderConfig()
err := json.Unmarshal(params.CorsJSON, config) err := json.Unmarshal(params.CorsJSON, config)
if err != nil { if err != nil {
this.Fail("配置校验失败:" + err.Error()) this.Fail("配置校验失败:" + err.Error())

103
web/public/js/components/server/http-cors-header-config-box.js
View File

@@ -11,23 +11,110 @@ Vue.component("http-cors-header-config-box", {
exposeHeaders: [], exposeHeaders: [],
maxAge: 0, maxAge: 0,
requestHeaders: [], requestHeaders: [],
requestMethod: "" requestMethod: "",
optionsMethodOnly: false
} }
} }
if (config.allowMethods == null) {
config.allowMethods = []
}
if (config.exposeHeaders == null) {
config.exposeHeaders = []
}
let maxAgeSecondsString = config.maxAge.toString()
if (maxAgeSecondsString == "0") {
maxAgeSecondsString = ""
}
return { return {
config: config config: config,
maxAgeSecondsString: maxAgeSecondsString,
moreOptionsVisible: false
}
},
watch: {
maxAgeSecondsString: function (v) {
let seconds = parseInt(v)
if (isNaN(seconds)) {
seconds = 0
}
this.config.maxAge = seconds
}
},
methods: {
changeMoreOptions: function (visible) {
this.moreOptionsVisible = visible
},
addDefaultAllowMethods: function () {
let that = this
let defaultMethods = ["PUT", "GET", "POST", "DELETE", "HEAD", "OPTIONS", "PATCH"]
defaultMethods.forEach(function (method) {
if (!that.config.allowMethods.$contains(method)) {
that.config.allowMethods.push(method)
}
})
} }
}, },
template: `<div> template: `<div>
<input type="hidden" name="corsJSON" :value="JSON.stringify(config)"/> <input type="hidden" name="corsJSON" :value="JSON.stringify(config)"/>
<table class="ui table definition selectable"> <table class="ui table definition selectable">
<tr> <tbody>
<td class="title">启用CORS自适应跨域</td> <tr>
<td> <td class="title">启用CORS自适应跨域</td>
<checkbox v-model="config.isOn"></checkbox> <td>
</td> <checkbox v-model="config.isOn"></checkbox>
</tr> <p class="comment">启用后自动在响应Header中增加对应的<code-label>Access-Control-*</code-label>相关内容。</p>
</td>
</tr>
</tbody>
<tbody v-show="config.isOn">
<tr>
<td colspan="2"><more-options-indicator @change="changeMoreOptions"></more-options-indicator></td>
</tr>
</tbody>
<tbody v-show="config.isOn && moreOptionsVisible">
<tr>
<td>允许的请求方法列表</td>
<td>
<http-methods-box :v-methods="config.allowMethods"></http-methods-box>
<p class="comment"><a href="" @click.prevent="addDefaultAllowMethods">[添加默认]</a>。<code-label>Access-Control-Allow-Methods</code-label>值设置。所访问资源允许使用的方法列表,不设置则表示默认为<code-label>PUT</code-label>、<code-label>GET</code-label>、<code-label>POST</code-label>、<code-label>DELETE</code-label>、<code-label>HEAD</code-label>、<code-label>OPTIONS</code-label>、<code-label>PATCH</code-label>。</p>
</td>
</tr>
<tr>
<td>预检结果缓存时间</td>
<td>
<div class="ui input right labeled">
<input type="text" style="width: 6em" maxlength="6" v-model="maxAgeSecondsString"/>
<span class="ui label">秒</span>
</div>
<p class="comment"><code-label>Access-Control-Max-Age</code-label>值设置。预检结果缓存时间0或者不填表示使用浏览器默认设置。注意每个浏览器有不同的缓存时间上限。</p>
</td>
</tr>
<tr>
<td>允许服务器暴露的Header</td>
<td>
<values-box :v-values="config.exposeHeaders"></values-box>
<p class="comment"><code-label>Access-Control-Expose-Headers</code-label>值设置。允许服务器暴露的Header请注意Header的大小写。</p>
</td>
</tr>
<tr>
<td>实际请求方法</td>
<td>
<input type="text" v-model="config.requestMethod"/>
<p class="comment"><code-label>Access-Control-Request-Method</code-label>值设置。实际请求服务器时使用的方法,比如<code-label>POST</code-label>。</p>
</td>
</tr>
<tr>
<td>仅OPTIONS有效</td>
<td>
<checkbox v-model="config.optionsMethodOnly"></checkbox>
<p class="comment">选中后表示当前CORS设置仅在OPTIONS方法请求时有效。</p>
</td>
</tr>
</tbody>
</table> </table>
<div class="margin"></div> <div class="margin"></div>
</div>` </div>`

1
web/public/js/components/server/http-header-policy-box.js
View File

@@ -125,6 +125,7 @@ Vue.component("http-header-policy-box", {
}, },
updateCORS: function (policyId) { updateCORS: function (policyId) {
teaweb.popup("/servers/server/settings/headers/updateCORSPopup?" + this.vParams + "&headerPolicyId=" + policyId + "&type=" + this.type, { teaweb.popup("/servers/server/settings/headers/updateCORSPopup?" + this.vParams + "&headerPolicyId=" + policyId + "&type=" + this.type, {
height: "30em",
callback: function () { callback: function () {
teaweb.successRefresh("保存成功") teaweb.successRefresh("保存成功")
} }