解决不安全的http方法

license/src/main/java/iot/sixiang/license/controller/LoginController.java

@@ -31,7 +31,7 @@ import java.util.Map;
  */
 @Slf4j
 @RestController
-@RequestMapping("/")
+@RequestMapping("/iot_license")
 @Api(value = "登录模块", tags = {"登录模块"})
 public class LoginController {
 

license/src/main/java/iot/sixiang/license/controller/ResourceContrller.java

@@ -19,7 +19,7 @@ import java.io.IOException;
 
 
 @RestController
-@RequestMapping("/resource")
+@RequestMapping("/iot_license/resource")
 @Api(value = "资源模块", tags = {"资源模块"})
 public class ResourceContrller {
 

license/src/main/java/iot/sixiang/license/jwt/JwtFilter.java

@@ -11,6 +11,7 @@ import javax.servlet.annotation.WebFilter;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
+import java.nio.charset.StandardCharsets;
 import java.util.Date;
 import java.util.Map;
 
@@ -35,9 +36,11 @@ public class JwtFilter implements Filter {
         final HttpServletResponse response = (HttpServletResponse) servletResponse;
         response.setHeader("Set-Cookie","cookiename=cookievalue; path=/; Domain=domainvaule; Max-age=seconds; HttpOnly");
         response.setContentType("text/html; charset=utf-8");
-        if ("OPTIONS".equals(request.getMethod())) {
-            response.setStatus(HttpServletResponse.SC_OK);
-            filterChain.doFilter(request, response);
+        if ("OPTIONS".equals(request.getMethod()) || "HEAD".equals(request.getMethod())) {
+            response.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
+            ServletOutputStream outputStream = response.getOutputStream();
+            outputStream.write(new String("不安全的请求".getBytes(), StandardCharsets.UTF_8).getBytes());
+            outputStream.flush();
             return;
         }