fix: WebSocketConfig:同时给 SockJS 注册设置允许的 Origin(endpoint 用 patterns,SockJS 用 exact)

tim
2025-08-22 23:18:05 +08:00
parent 92452da19a
commit 1c582fbbf1


@@ -41,24 +41,44 @@ public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {
@Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
// ① 原生 WebSocket 端点:用 patterns抗 www/端口漂移
registry.addEndpoint("/api/ws")
// 安全改进:使用具体的允许源,而不是通配符
.setAllowedOrigins(
// 本地开发
.setAllowedOriginPatterns(
// 本地
"http://localhost:*",
"http://127.0.0.1:*",
"http://192.168.7.98:*",
"http://30.211.97.238:*",
websiteUrl,
websiteUrl.replace("://www.", "://"),
// 线上域名(务必是 https
// 线上
"https://staging.open-isle.com",
"https://www.staging.open-isle.com"
)
.withSockJS();
"https://www.staging.open-isle.com",
websiteUrl,
websiteUrl.replace("://www.", "://")
);
// ② SockJS 注册:要单独再配一次,且只能 exact不支持 patterns
registry.addEndpoint("/api/ws")
.setAllowedOrigins(
// 本地(端口要写死)
"http://localhost:3000",
"http://localhost:3001",
"http://127.0.0.1:3000",
"http://127.0.0.1:3001",
"http://192.168.7.98",
"http://192.168.7.98:3000",
"http://30.211.97.238",
"http://30.211.97.238:3000",
// 线上
"https://staging.open-isle.com",
"https://www.staging.open-isle.com",
websiteUrl,
websiteUrl.replace("://www.", "://")
) .withSockJS()
.setSessionCookieNeeded(false) // 避免强依赖 JSESSIONID
.setWebSocketEnabled(true);
}
@Override
public void configureClientInboundChannel(ChannelRegistration registration) {
registration.interceptors(new ChannelInterceptor() {
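Review bot: Both `/api/ws` registrations admit the entries marked local in every environment: `http://localhost:*`, `http://127.0.0.1:*`, `http://192.168.7.98:*` and `http://30.211.97.238:*` on the native endpoint, and their fixed-port forms on the SockJS one, so a page served over plain http from any of those hosts passes the Origin check in production too. That check is what keeps a foreign page from opening a socket in a logged-in user's browser, so I would keep only the https origins and `websiteUrl` in the default list and append the local entries under a development profile or from a property, with a comment such as `// dev-only origins: never enabled in production`. The production entries are now written out twice; holding them in one array passed to both calls keeps the two lists from drifting apart. It is also worth confirming against the Spring version in use that the SockJS registration really cannot take `setAllowedOriginPatterns`, because if it can, a single registration ending in `.withSockJS()` would replace the pair. `configureClientInboundChannel` continues outside the hunk, so whether its interceptor authenticates CONNECT frames cannot be judged from here.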