🐛 多域名跨域

2021-01-08 16:32:02 +08:00
parent 0cd4624a36
commit dcebf5257f
6 changed files with 26 additions and 6 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,4 +1,4 @@
-name: Build
+name: build

 on:
  push:
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,4 +1,4 @@
-name: Release
+name: release
 on:
  push:
    tags:
--- a/bootstrap/config.go
+++ b/bootstrap/config.go
@@ -6,6 +6,7 @@ import (
 	log "github.com/sirupsen/logrus"
 	"gopkg.in/yaml.v2"
 	"io/ioutil"
+	"strings"
 )

 func ReadConf(config string) bool {
@@ -25,5 +26,6 @@ func ReadConf(config string) bool {
 		return false
 	}
 	log.Debugf("config:%+v",conf.Conf)
+	conf.Origins = strings.Split(conf.Conf.Info.SiteUrl,",")
 	return true
 }
--- a/conf/const.go
+++ b/conf/const.go
@@ -13,12 +13,14 @@ var(
 	Authorization string

 	Cache *cache.Cache
+
+	Origins []string
 )

 var Conf = new(Config)

 const (
-	VERSION="v0.1.4"
+	VERSION="v0.1.5"

 	ImageThumbnailProcess="image/resize,w_50"
 	VideoThumbnailProcess="video/snapshot,t_0,f_jpg,w_50"
--- a/server/middlewares.go
+++ b/server/middlewares.go
@@ -2,6 +2,7 @@ package server

 import (
 	"github.com/Xhofe/alist/conf"
+	"github.com/Xhofe/alist/utils"
 	"github.com/gin-gonic/gin"
 	"net/http"
 )
@@ -9,10 +10,14 @@ import (
 func CrosHandler() gin.HandlerFunc {
 	return func(context *gin.Context) {
 		method := context.Request.Method
-		context.Writer.Header().Set("Access-Control-Allow-Origin", "*")
-		context.Header("Access-Control-Allow-Origin", conf.Conf.Info.SiteUrl) // 设置允许访问所有域
+		// 设置跨域
+		if conf.Conf.Info.SiteUrl=="*"||utils.ContainsString(conf.Origins,context.GetHeader("Origin"))!=-1 {
+			context.Header("Access-Control-Allow-Origin",context.GetHeader("Origin"))
+		}else {
+			context.Header("Access-Control-Allow-Origin", conf.Conf.Info.SiteUrl)//跨域访问
+		}
 		context.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE,UPDATE")
-		context.Header("Access-Control-Allow-Headers", "Authorization, Content-Length, X-CSRF-Token, Token,session,X_Requested_With,Accept, Origin, Host, Connection, Accept-Encoding, Accept-Language,DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Pragma,token,openid,opentoken")
+		context.Header("Access-Control-Allow-Headers", "Content-Length,session,Accept, Origin, Host, Connection, Accept-Encoding, Accept-Language, Keep-Alive, User-Agent, Cache-Control, Content-Type, Pragma")
 		context.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers,Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma,FooBar")
 		context.Header("Access-Control-Max-Age", "172800")
 		context.Header("Access-Control-Allow-Credentials", "true")
--- a/utils/check.go
+++ b/utils/check.go
@@ -13,4 +13,15 @@ func GetCode(rawUrl string) string {
 	}
 	code:=u.Query().Get("code")
 	return code
+}
+
+func ContainsString(array []string, val string) (index int) {
+	index = -1
+	for i := 0; i < len(array); i++ {
+		if array[i] == val {
+			index = i
+			return
+		}
+	}
+	return
 }