|
|
@@ -13,13 +13,26 @@ class BaseHandler(RequestHandler):
|
|
|
RequestHandler.__init__(self, application, request, **kwargs)
|
|
|
self._status_code = 200
|
|
|
self.executor = ThreadPoolExecutor(200)
|
|
|
- self.settings['allow_remote_access']=True
|
|
|
- origin_url = self.request.headers.get('Origin')
|
|
|
- self.set_header('Content-Type', 'application/json')
|
|
|
- self.set_header("Access-Control-Allow-Methods", "GET,PUT,POST,DELETE,OPTIONS")
|
|
|
- self.set_header("Access-Control-Allow-Headers", "Content-Type, Depth, User-Agent, Token, Origin, X-Requested-With, Accept, Authorization, admin_id")
|
|
|
- self.set_header('Access-Control-Allow-Origin', origin_url)
|
|
|
+ self.set_default_headers()
|
|
|
+
|
|
|
+ def options(self):
|
|
|
+ # 返回方法1
|
|
|
+ self.set_status(200)
|
|
|
+ self.finish()
|
|
|
+
|
|
|
+ def set_default_headers(self):
|
|
|
+ super().set_default_headers()
|
|
|
+ # 设置允许的请求头
|
|
|
+ self.set_header("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,OPTIONS")
|
|
|
+ self.set_header("X-XSS-Protecion", "1")
|
|
|
+ self.set_header("Content-Security-Policy", "default-src 'self'")
|
|
|
self.set_header("Access-Control-Allow-Credentials", "true")
|
|
|
+ # 设置一些自己定义的请求头
|
|
|
+ self.set_header("Access-Control-Allow-Headers",
|
|
|
+ "Content-Type, Depth, User-Agent, Token, Origin, X-Requested-With, Accept, Authorization")
|
|
|
+ self.set_header("Content-Type", "application/json; charset=UTF-8")
|
|
|
+ self.set_header("Access-Control-Allow-Origin","*")
|
|
|
+
|
|
|
|
|
|
def write_json(self, data, status_code=200, msg='success'):
|
|
|
self.write(json.dumps({'status': {'msg': msg, "RetCode": status_code}, 'data': data}))
|
|
|
@@ -28,7 +41,6 @@ class BaseHandler(RequestHandler):
|
|
|
di=json.loads(self.request.body.decode())
|
|
|
if isinstance(di,str):
|
|
|
di=json.loads(di)
|
|
|
-
|
|
|
return di
|
|
|
|
|
|
def write_error(self, status_code, msg=None, **kwargs):
|
