hitsword
/
fastadmin
mirror of https://gitee.com/karson/fastadmin.git
1
0
Fork 0
Code Issues Releases Wiki Activity

!330 cors 检测的时候不直接使用 exit 

Merge pull request !330 from T2cc/N/A
pull/319/MERGE
Karson 2021-07-19 07:28:56 +00:00 committed by Gitee
parent dfd0ba0524 3dfa4f7065
commit 8b11a77294
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
application/common.php
View File

@ -431,8 +431,8 @@ if (!function_exists('check_cors_request')) {
if (in_array("*", $domainArr) || in_array($_SERVER['HTTP_ORIGIN'], $domainArr) || (isset($info['host']) && in_array($info['host'], $domainArr))) {
header("Access-Control-Allow-Origin: " . $_SERVER['HTTP_ORIGIN']);
} else {
header('HTTP/1.1 403 Forbidden');
exit;
$response = Response::create('cors 检测无效', 'html', 403);
throw new HttpResponseException($response);
}
header('Access-Control-Allow-Credentials: true');
@ -445,7 +445,8 @@ if (!function_exists('check_cors_request')) {
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
}
exit;
$response = Response::create('', 'json');
throw new HttpResponseException($response);
}
}
}
@ -473,8 +474,8 @@ if (!function_exists('check_ip_allowed')) {
$forbiddenipArr = !$forbiddenipArr ? [] : $forbiddenipArr;
$forbiddenipArr = is_array($forbiddenipArr) ? $forbiddenipArr : array_filter(explode("\n", str_replace("\r\n", "\n", $forbiddenipArr)));
if ($forbiddenipArr && \Symfony\Component\HttpFoundation\IpUtils::checkIp($ip, $forbiddenipArr)) {
header('HTTP/1.1 403 Forbidden');
exit;
$response = Response::create('ip 无权访问', 'html', 403);
throw new HttpResponseException($response);
}
}
}