hitsword
/
fastadmin
mirror of https://gitee.com/karson/fastadmin.git
1
0
Fork 0
Code Issues Releases Wiki Activity

cors 检测的时候不直接使用 exit

pull/330/head
T2cc 2021-06-22 02:32:54 +00:00 committed by Gitee
parent 99c3fac317
commit 3dfa4f7065
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
application/common.php
View File

@ -431,8 +431,8 @@ if (!function_exists('check_cors_request')) {
if (in_array("*", $domainArr) || in_array($_SERVER['HTTP_ORIGIN'], $domainArr) || (isset($info['host']) && in_array($info['host'], $domainArr))) {
header("Access-Control-Allow-Origin: " . $_SERVER['HTTP_ORIGIN']);
} else {
header('HTTP/1.1 403 Forbidden');
exit;
$response = Response::create('cors 检测无效', 'html', 403);
throw new HttpResponseException($response);
}
header('Access-Control-Allow-Credentials: true');
@ -445,7 +445,8 @@ if (!function_exists('check_cors_request')) {
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
}
exit;
$response = Response::create('', 'json');
throw new HttpResponseException($response);
}
}
}
@ -473,8 +474,8 @@ if (!function_exists('check_ip_allowed')) {
$forbiddenipArr = !$forbiddenipArr ? [] : $forbiddenipArr;
$forbiddenipArr = is_array($forbiddenipArr) ? $forbiddenipArr : array_filter(explode("\n", str_replace("\r\n", "\n", $forbiddenipArr)));
if ($forbiddenipArr && \Symfony\Component\HttpFoundation\IpUtils::checkIp($ip, $forbiddenipArr)) {
header('HTTP/1.1 403 Forbidden');
exit;
$response = Response::create('ip 无权访问', 'html', 403);
throw new HttpResponseException($response);
}
}
}