fix: 修复API响应加密时添加加密 header 标识不生效的问题

2025-12-26 07:06:22 +08:00 · 2025-10-21 11:06:48 +08:00 · 2025-10-21 11:06:48 +08:00 · 6310624c42
commit 6310624c42
parent 2c41d5622c
1 changed files with 4 additions and 2 deletions
--- a/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/encrypt/core/filter/ApiEncryptResponseWrapper.java
+++ b/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/encrypt/core/filter/ApiEncryptResponseWrapper.java
@ -45,12 +45,14 @@ public class ApiEncryptResponseWrapper extends HttpServletResponseWrapper {
        // 2. 加密 body
        String encryptedBody = symmetricEncryptor != null ? symmetricEncryptor.encryptBase64(body)
                : asymmetricEncryptor.encryptBase64(body, KeyType.PublicKey);
-        response.getWriter().write(encryptedBody);

-        // 3. 添加加密 header 标识
+        // 3. 添加加密 header 标识（设置header要放在response的write之前）
        this.addHeader(properties.getHeader(), "true");
        // 特殊：特殊：https://juejin.cn/post/6867327674675625992
        this.addHeader("Access-Control-Expose-Headers", properties.getHeader());
+
+        // 4. 输出加密后的 body
+        response.getWriter().write(encryptedBody);
    }

    @Override