|
|
@@ -21,6 +21,7 @@ import java.net.URLEncoder;
|
|
|
import java.util.ArrayList;
|
|
|
import java.util.Arrays;
|
|
|
import java.util.List;
|
|
|
+import java.util.Objects;
|
|
|
|
|
|
/**
|
|
|
* 安全验证
|
|
|
@@ -67,8 +68,8 @@ public class SecurityInterceptor extends HandlerInterceptorAdapter {
|
|
|
// session 中不存在登陆信息
|
|
|
if (user == null) {
|
|
|
logger.info("No session for path: " + url + " , redirecting to page: login ...");
|
|
|
- // 如果是 XMLHttpRequest ,抛出异常,否则直接重定向
|
|
|
- if (request.getHeader("X-Requested-With") != null) {
|
|
|
+ // 如果是 XMLHttpRequest ,抛出异常,否则重定向
|
|
|
+ if (Objects.equals("XMLHttpRequest", request.getHeader("X-Requested-With"))) {
|
|
|
throw new SecurityException("未登录");
|
|
|
}
|
|
|
String returnUrl = request.getRequestURL().toString();
|
sunyj