项目最近添加了一个ip黑白名单的功能, 发现如果ip过滤的拦截器返回 false 后前端会显示跨域, 尝试修改mvc配置类后发现还是不行, 最后在拦截器加了个判断就可以了
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
// ----------- 加上这个就好了 -----------
if (!(handler instanceof HandlerMethod)) {
return true;
}
}WebMvcConfigurer 配置类
@Configuration
@RestControllerAdvice
public class WebMvcConfig implements WebMvcConfigurer {
@Resource
private IpFilterInterceptor ipFilterInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
// IP拦截器
registry.addInterceptor(ipFilterInterceptor)
.addPathPatterns("/**")
.order(5);
}
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowCredentials(true)
.allowedOriginPatterns("*")
.allowedMethods("*")
.allowedHeaders("*")
.maxAge(3600);
}
}修改前的 IP拦截器
@Component
public class IpFilterInterceptor implements HandlerInterceptor {
/**
* 是否启用
*/
private boolean enable;
/**
* 是否为白名单
*/
private boolean isWhiteList;
/**
* 过滤器
*/
private List filters;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
// 停用
if (!enable) {
return true;
}
String ip = Servlets.getRemoteAddr(request);
// 本机不过滤
if (Const.LOCALHOST_IP_V4.equals(ip)) {
return true;
}
// 过滤
boolean contains = false;
for (String filter : filters) {
if (Strings.isBlank(filter)) {
continue;
}
// 检测
contains = Utils.checkIpIn(ip, filter);
if (contains) {
break;
}
}
// 结果
boolean pass;
if (isWhiteList) {
pass = contains;
} else {
pass = !contains;
}
// 返回
if (!pass) {
response.setContentType(StandardContentType.APPLICATION_JSON);
Servlets.transfer(response, HttpWrapper.of(ResultCode.IP_BAN).toJsonString().getBytes());
}
return pass;
}
} 修改后的 IP拦截器
@Component
public class IpFilterInterceptor implements HandlerInterceptor {
/**
* 是否启用
*/
private boolean enable;
/**
* 是否为白名单
*/
private boolean isWhiteList;
/**
* 过滤器
*/
private List filters;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
// 停用
if (!enable) {
return true;
}
// ----------- 加上这个就好了 -----------
if (!(handler instanceof HandlerMethod)) {
return true;
}
String ip = Servlets.getRemoteAddr(request);
// 本机不过滤
if (Const.LOCALHOST_IP_V4.equals(ip)) {
return true;
}
// 过滤
boolean contains = false;
for (String filter : filters) {
if (Strings.isBlank(filter)) {
continue;
}
// 检测
contains = Utils.checkIpIn(ip, filter);
if (contains) {
break;
}
}
// 结果
boolean pass;
if (isWhiteList) {
pass = contains;
} else {
pass = !contains;
}
// 返回
if (!pass) {
response.setContentType(StandardContentType.APPLICATION_JSON);
Servlets.transfer(response, HttpWrapper.of(ResultCode.IP_BAN).toJsonString().getBytes());
}
return pass;
}
} 最后, 问题的原因是出在了拦截器身上 需要在 preHandle 中 判断 handler 的类型必须是 HandlerMethod 的话才能通过
