From fef0630608f7ca85dc2afd050221b16abdb062de Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期四, 27 一月 2022 12:12:08 +0800
Subject: [PATCH] 导出Excel时屏蔽公式，防止CSV注入风险

---
 src/main/java/com/ruoyi/common/utils/file/FileUtils.java |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/src/main/java/com/ruoyi/common/utils/file/FileUtils.java b/src/main/java/com/ruoyi/common/utils/file/FileUtils.java
index 5a01d54..6aed085 100644
--- a/src/main/java/com/ruoyi/common/utils/file/FileUtils.java
+++ b/src/main/java/com/ruoyi/common/utils/file/FileUtils.java
@@ -210,6 +210,8 @@
                 .append("utf-8''")
                 .append(percentEncodedFileName);
 
+        response.addHeader("Access-Control-Allow-Origin", "*");
+        response.addHeader("Access-Control-Expose-Headers", "Content-Disposition,download-filename");
         response.setHeader("Content-disposition", contentDispositionValue.toString());
         response.setHeader("download-filename", percentEncodedFileName);
     }

--
Gitblit v1.9.3