
伊宁项目更改相关 伊宁安全漏洞修复,增加响应头过滤器

1037015548@qq.com hai 1 ano
pai
achega
e04484023e

+ 6 - 6
ruoyi-admin/src/main/resources/application-test.yml

@@ -53,12 +53,12 @@ spring:
                 # 主库数据源 stringtype=unspecified 如果stringtype设置为 unspecified,参数将作为非类型值发送到服务器,并且服务器将尝试推断适当的类型。
                 master:
 #                     url: jdbc:postgresql://119.96.165.176:5432/test_lixing?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false&allowMultiQueries=true&zeroDateTimeBehavior=convertToNull
-                     url: jdbc:postgresql://119.96.165.176:5432/lhk_union_mgr_new?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false&allowMultiQueries=true&zeroDateTimeBehavior=convertToNull
-                     username: postgres
-                     password: kpr.23417.postgres
-#                      url: jdbc:postgresql://140.246.183.164:5432/union_mgr?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false&allowMultiQueries=true&zeroDateTimeBehavior=convertToNull
-#                      username: postgres
-#                      password: kpr.23417.postgres
+#                     url: jdbc:postgresql://119.96.165.176:5432/lhk_union_mgr_new?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false&allowMultiQueries=true&zeroDateTimeBehavior=convertToNull
+#                     username: postgres
+#                     password: kpr.23417.postgres
+                      url: jdbc:postgresql://140.246.183.164:5432/union_mgr?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false&allowMultiQueries=true&zeroDateTimeBehavior=convertToNull
+                      username: postgres
+                      password: kpr.23417.postgres
 #                      url: jdbc:postgresql://60.13.253.94:54321/union_mgr?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false&allowMultiQueries=true&zeroDateTimeBehavior=convertToNull
 #                      username: postgres
 #                      password: kpr.23417.postgres
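Review bot: The three `+` lines that activate the `master` data source on the 140.246.183.164 host commit the `postgres` account's password in clear text, and the same value is repeated in the commented-out alternatives around it. Because it is now in repository history, the password should be treated as exposed and rotated, and the file should take it from the environment instead, e.g. `password: ${DB_MASTER_PASSWORD}` (placeholder name). Connecting the application as the `postgres` superuser also means an injection flaw or a compromised app instance gets full control of the database server; a dedicated least-privilege role would limit that. `useSSL=false` looks like a MySQL Connector/J option, whereas the PostgreSQL JDBC driver controls TLS through `sslmode`, so it is worth confirming whether this connection to a public address is encrypted at all.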

+ 10 - 0
ruoyi-framework/src/main/java/com/ruoyi/framework/config/FilterConfig.java

@@ -3,6 +3,8 @@ package com.ruoyi.framework.config;
 import java.util.HashMap;
 import java.util.Map;
 import javax.servlet.DispatcherType;
+
+import com.ruoyi.framework.filter.ContentTypeOptionsHeaderFilter;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
@@ -41,4 +43,12 @@ public class FilterConfig
         registration.setInitParameters(initParameters);
         return registration;
     }
+
+    @Bean
+    public FilterRegistrationBean<ContentTypeOptionsHeaderFilter> contentTypeOptionsHeaderFilter(){
+        FilterRegistrationBean<ContentTypeOptionsHeaderFilter> registrationBean = new FilterRegistrationBean<>();
+        registrationBean.setFilter(new ContentTypeOptionsHeaderFilter());
+        registrationBean.addUrlPatterns("/*");
+        return registrationBean;
+    }
 }
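Review bot: The new `contentTypeOptionsHeaderFilter()` registration sets no order, so it falls back to the registration bean's default position (lowest precedence, as far as I recall) and runs after the other filters in this class and after any security filter chain. A response that an earlier filter rejects or redirects without calling the chain would then leave without these headers, and those error and login responses are often the ones a header audit looks at. Consider pinning it to the front with `registrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE);` (needs `org.springframework.core.Ordered`) and adding a short Javadoc that says which headers the filter sets and why it covers `/*`. The body of `FilterConfig` begins outside this hunk, so how the existing registrations are ordered cannot be seen here.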

+ 26 - 0
ruoyi-framework/src/main/java/com/ruoyi/framework/filter/ContentTypeOptionsHeaderFilter.java

@@ -0,0 +1,26 @@
+package com.ruoyi.framework.filter;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+public class ContentTypeOptionsHeaderFilter implements Filter {
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+            throws IOException, ServletException {
+        HttpServletResponse httpServletResponse = (HttpServletResponse) response;
+        httpServletResponse.setHeader("X-Content-Type-Options", "nosniff");
+        httpServletResponse.setHeader("X-Frame-Options", "DENY");
+        httpServletResponse.setHeader("X-XSS-Protection", "1; mode=block");
+        chain.doFilter(request, response);
+    }
+
+    @Override
+    public void init(FilterConfig filterConfig) {
+    }
+
+    @Override
+    public void destroy() {
+    }
+}
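Review bot: In `doFilter`, `X-XSS-Protection: 1; mode=block` turns on the legacy browser XSS auditor, which current browsers have removed and which OWASP now recommends disabling; prefer `httpServletResponse.setHeader("X-XSS-Protection", "0");` and rely on output encoding plus a `Content-Security-Policy`. `X-Frame-Options: DENY` on every response will also block any page of the application that is meant to be embedded in a same-origin iframe, so confirm none exist or use `SAMEORIGIN` (or CSP `frame-ancestors`). The cast `(HttpServletResponse) response` is unchecked; wrapping the three `setHeader` calls in `if (response instanceof HttpServletResponse)` avoids a `ClassCastException` on a non-HTTP response. The class sets three headers but is named `ContentTypeOptionsHeaderFilter` and has no Javadoc; a class comment listing the headers, or a name such as `SecurityHeadersFilter`, would make its scope clear. The wildcard `import javax.servlet.*;` could be replaced by explicit imports.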