diff --git a/app/common/middleware/AllowCrossDomain.php b/app/common/middleware/AllowCrossDomain.php index 48dea529..4709cbb2 100644 --- a/app/common/middleware/AllowCrossDomain.php +++ b/app/common/middleware/AllowCrossDomain.php @@ -43,7 +43,7 @@ class AllowCrossDomain $header = !empty($header) ? array_merge($this->header, $header) : $this->header; $origin = $request->header('origin'); - if ($origin) { + if ($origin && !isset($header['Access-Control-Allow-Origin'])) { $info = parse_url($origin); // 获取跨域配置 @@ -51,10 +51,12 @@ class AllowCrossDomain $corsDomain[] = $request->host(true); if (in_array("*", $corsDomain) || in_array($origin, $corsDomain) || (isset($info['host']) && in_array($info['host'], $corsDomain))) { - header("Access-Control-Allow-Origin: " . $origin); + $header['Access-Control-Allow-Origin'] = $origin; } } + $request->allowCrossDomainHeaders = $header; + return $next($request)->header($header); } } diff --git a/extend/ba/Terminal.php b/extend/ba/Terminal.php index a0e839c7..d0a831af 100644 --- a/extend/ba/Terminal.php +++ b/extend/ba/Terminal.php @@ -170,9 +170,14 @@ class Terminal */ public function exec(bool $authentication = true): void { - header('X-Accel-Buffering: no'); - header('Content-Type: text/event-stream'); - header('Cache-Control: no-cache'); + $headers = request()->allowCrossDomainHeaders ?? []; + $headers['X-Accel-Buffering'] = 'no'; + $headers['Content-Type'] = 'text/event-stream'; + $headers['Cache-Control'] = 'no-cache'; + + foreach ($headers as $name => $val) { + header($name . (!is_null($val) ? ':' . $val : '')); + } while (ob_get_level()) { ob_end_clean();