package com.common.aspect;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.annotation.AfterReturning;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletResponse;
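/**
 * Spring AOP aspect that adds a fixed set of security-related HTTP response headers to
 * responses produced by mapped controller handler methods under {@code com..controller..}.
 *
 * <p>Limits to keep in mind when this aspect is relied on as a security control:
 * <ul>
 *   <li>The advice is {@code @AfterReturning}, so it does not run when the handler throws;
 *       error responses are produced without these headers.</li>
 *   <li>Only methods matched by the pointcut are covered. Responses that do not pass through
 *       such a method (for example static resources) do not receive the headers; a servlet
 *       filter is the usual place when every response must carry them.</li>
 *   <li>Headers written after the response has been committed are ignored by the container.</li>
 * </ul>
 *
 * @author 谢滨璜
 * @date 2022-08-04
 * @company deloitte
 */
@Slf4j
@Aspect
@Component
@Order(-1)
public class ResponseHeaderAspect {

    /**
     * Runs after a matched controller method returns normally and applies the security headers.
     *
     * <p>The pointcut matches methods in {@code com..controller..} that carry one of the Spring
     * mapping annotations. {@code PutMapping} is included so that PUT handlers get the same
     * headers as the other HTTP verbs.
     *
     * @param objectReturn value returned by the controller method (not inspected)
     * @throws Throwable anything raised while applying the headers, after it has been logged
     */
    @AfterReturning(pointcut = "execution(* com..controller..*.*(..))" +
            "&& (@annotation(org.springframework.web.bind.annotation.RequestMapping)" +
            "|| @annotation(org.springframework.web.bind.annotation.GetMapping)" +
            "|| @annotation(org.springframework.web.bind.annotation.PostMapping)" +
            "|| @annotation(org.springframework.web.bind.annotation.PutMapping)" +
            "|| @annotation(org.springframework.web.bind.annotation.DeleteMapping)" +
            "|| @annotation(org.springframework.web.bind.annotation.PatchMapping))", returning = "objectReturn")
    public void doAfterCalssReturning(Object objectReturn) throws Throwable {
        try {
            handleLog(objectReturn);
        } catch (Throwable e) {
            // Label the entry with this class so the failure can be traced to the header aspect.
            log.error("ResponseHeaderAspect>>>>>>>>", e);
            throw e;
        }
    }

    /**
     * Adds the security headers to the servlet response bound to the current thread.
     *
     * <p>If no servlet request is bound, no response object is available, or the response is
     * already committed, nothing is written and a warning is logged so the gap is visible.
     *
     * @param objectReturn value returned by the controller method (unused)
     */
    protected void handleLog(Object objectReturn) {
        // getRequestAttributes() returns null when no request is bound to the thread, whereas
        // currentRequestAttributes() throws IllegalStateException in that case.
        Object attributes = RequestContextHolder.getRequestAttributes();
        if (!(attributes instanceof ServletRequestAttributes)) {
            log.warn("ResponseHeaderAspect: no servlet request bound to current thread, security headers not applied");
            return;
        }

        // getResponse() may return null; guard before dereferencing.
        HttpServletResponse response = ((ServletRequestAttributes) attributes).getResponse();
        if (response == null) {
            log.warn("ResponseHeaderAspect: no servlet response available, security headers not applied");
            return;
        }

        // Once the response is committed the container ignores header changes.
        if (response.isCommitted()) {
            log.warn("ResponseHeaderAspect: response already committed, security headers not applied");
            return;
        }

        // addHeader appends: if another layer already sets one of these headers the response
        // will carry it twice. NOTE(review): confirm no filter or proxy sets the same headers.
        response.addHeader("Content-Security-Policy","default-src 'self'");

        // HSTS is only honoured by browsers when the response is delivered over HTTPS.
        response.addHeader("Strict-Transport-Security","max-age=31536000; includeSubdomains");

        // NOTE(review): no-referrer-when-downgrade still sends the full URL (path and query) to
        // cross-origin HTTPS destinations; consider strict-origin-when-cross-origin if URLs can
        // contain sensitive values.
        response.addHeader("Referrer-Policy","no-referrer-when-downgrade");

        // "all" is the most permissive value and lets any cross-domain policy file on this host
        // be honoured; "none" is the restrictive setting expected from a hardening header.
        // NOTE(review): relax only if a legacy client truly depends on a policy file.
        response.addHeader("X-Permitted-Cross-Domain-Policies","none");

        // Legacy Internet Explorer directive: prevents opening downloads in the site's context.
        response.addHeader("X-Download-Options","noopen");
    }
}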