From b509b783a1ac29586b2afff3489df6f33693f251 Mon Sep 17 00:00:00 2001
From: zhaolongfei <2651195677@qq.com>
Date: Mon, 21 Oct 2024 14:04:52 +0800
Subject: [PATCH] =?UTF-8?q?=E8=A7=86=E9=A2=91=E8=A7=A3=E6=9E=90=E6=B7=BB?= =?UTF-8?q?=E5=8A=A0=E6=97=A5=E5=BF=97?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../xboe/module/course/api/CourseWareApi.java | 32 ++++++++++++-------
 1 file changed, 20 insertions(+), 12 deletions(-)
diff --git a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java
index 95cf3a93..6c00f0b5 100644
--- a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java
+++ b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java
@@ -9,6 +9,7 @@ import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -28,6 +29,7 @@ import com.xboe.module.course.service.ICourseFileService;
 */
 @RestController
 @RequestMapping(value = "/xboe/m/course/cware")
+@Slf4j
 public class CourseWareApi extends ApiBaseController {
 private String cookieName = "PLAYSIGN_TIME";
@@ -97,24 +99,24 @@ public class CourseWareApi extends ApiBaseController {
 return badRequest("非法请求");
 // return;
 }
-
+
 String httpReferer = request.getHeader("referer");
 if (StringUtils.isBlank(httpReferer)) {
 return badRequest("非法请求");
 // return "非法请求";
 }
-
+
 boolean has=false;
- for(String txt :allowUrlSet) {
- if(httpReferer.indexOf(txt)>-1) {
- has=true;
- }
- }
-
- if(!has) {
- return badRequest("页面不存在");
- //return "非法请求";
- }
+ for(String txt :allowUrlSet) {
+ if(httpReferer.indexOf(txt)>-1) {
+ has=true;
+ }
+ }
+
+ if(!has) {
+ return badRequest("页面不存在");
+ //return "非法请求";
+ }
 //读取cookies中的时间
 String cookieTime = getSignTimeCookie(request);
@@ -131,6 +133,8 @@ public class CourseWareApi extends ApiBaseController {
 // 第一个/前端是时间
 int index = signStr.indexOf("/");
 if (index <= 0) {
+ log.info("解密后的字符串:"+signStr);
+ log.info("解密后的字符串的时间拼接:"+index);
 return badRequest("验证错误");
 }
@@ -138,9 +142,13 @@ public class CourseWareApi extends ApiBaseController {
 String cfid = signStr.substring(index+1);// 文件路径
 if (!time.equals(cookieTime)) {
+ log.info("请求头时间和解析后的时间对比:"+"解析时间:"+time+" 请求头时间:"+cookieTime);
+ log.info("解密后的字符串的时间拼接:"+signStr);
 return badRequest("验证错误");
 }
 if(StringUtils.isBlank(cfid) || cfid.length()<10) {
+ log.info("查看时间文件路径:"+cfid);
+ log.info("解密后的字符串的时间拼接:"+signStr);
 return badRequest("验证错误");
 }
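Review bot: The new `log.info` calls in the three rejection branches (at `index <= 0` in the `@@ -131,6 +133,8 @@` hunk, and at the time mismatch and the short-`cfid` check in the `@@ -138,9 +142,13 @@` hunk) concatenate `signStr`, `time`, `cookieTime` and `cfid` straight into the message, and all of them come from the request (`cookieTime` via `getSignTimeCookie(request)`; `signStr` is, going by the log text, the decrypted sign value). A crafted value that carries line breaks could forge log entries, and every rejected request leaves the decrypted token and the course-file path readable to anyone with log access. I would write one parameterized line per branch at `warn`, with line breaks replaced and only what is needed to diagnose the failure, e.g. `log.warn("sign time mismatch: parsed={} cookie={}", StringUtils.replaceChars(time, "\r\n", "__"), StringUtils.replaceChars(cookieTime, "\r\n", "__"));`. The label `解密后的字符串的时间拼接` is also printed before `index` in the first branch but before `signStr` in the other two, which will mislead whoever reads the logs. The enclosing method starts and ends outside these hunks.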