From cfe9a31ca6f2993f4718ba9a3db7c7c5ca5603d9 Mon Sep 17 00:00:00 2001 From: xiongziliang <771730766@qq.com> Date: Sat, 27 Jan 2024 21:29:10 +0800 Subject: [PATCH] Fix http cross domain issues --- src/Http/HttpSession.cpp | 5 +++-- src/Http/HttpSession.h | 2 ++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/src/Http/HttpSession.cpp b/src/Http/HttpSession.cpp index a593cc62..f0dd8936 100644 --- a/src/Http/HttpSession.cpp +++ b/src/Http/HttpSession.cpp @@ -65,6 +65,7 @@ ssize_t HttpSession::onRecvHeader(const char *header, size_t len) { _parser.parse(header, len); CHECK(_parser.url()[0] == '/'); + _origin = _parser["Origin"]; urlDecode(_parser); auto &cmd = _parser.method(); @@ -606,8 +607,8 @@ void HttpSession::sendResponse(int code, headerOut.emplace("Connection", bClose ? "close" : "keep-alive"); GET_CONFIG(bool, allow_cross_domains, Http::kAllowCrossDomains); - if (allow_cross_domains) { - headerOut.emplace("Access-Control-Allow-Origin", "*"); + if (allow_cross_domains && !_origin.empty()) { + headerOut.emplace("Access-Control-Allow-Origin", _origin); headerOut.emplace("Access-Control-Allow-Credentials", "true"); } diff --git a/src/Http/HttpSession.h b/src/Http/HttpSession.h index 33f0984f..9b0410ff 100644 --- a/src/Http/HttpSession.h +++ b/src/Http/HttpSession.h @@ -136,6 +136,8 @@ private: size_t _max_req_size = 0; //消耗的总流量 uint64_t _total_bytes_usage = 0; + // http请求中的 Origin字段 + std::string _origin; Parser _parser; toolkit::Ticker _ticker; TSMediaSource::RingType::RingReader::Ptr _ts_reader;