fix: 统一 origin 解析逻辑，修复反向代理下 domainName 不一致

- ServerApi 添加 resolveOrigin() 统一处理 X-Forwarded-Host 头 - ParserApi.parse() 补设 _requestOrigin，修复 /v2/linkInfo 路径遗漏 - 清理 app-dev.yml 残留注释
2026-06-10 23:47:29 +00:00 · 2026-05-29 11:31:08 +08:00
parent e1bf45b5c8
commit cfb624e9e0
3 changed files with 19 additions and 5 deletions
--- a/web-service/src/main/java/cn/qaiu/lz/web/controller/ParserApi.java
+++ b/web-service/src/main/java/cn/qaiu/lz/web/controller/ParserApi.java
@@ -85,6 +85,7 @@ public class ParserApi {
        // 构建链接信息响应，如果有 auth 参数则附加到链接中
        String authSuffix = (auth != null && !auth.isEmpty()) ? "&auth=" + auth : "";
        shareLinkInfo.getOtherParam().put("_requestOrigin", getLinkPrefix(request));
        LinkInfoResp build = LinkInfoResp.builder()
                .downLink(getDownLink(parserCreate, false, request) + authSuffix)
                .apiLink(getDownLink(parserCreate, true, request) + authSuffix)
--- a/web-service/src/main/java/cn/qaiu/lz/web/controller/ServerApi.java
+++ b/web-service/src/main/java/cn/qaiu/lz/web/controller/ServerApi.java
@@ -68,7 +68,7 @@ public class ServerApi {
            key = keys[0];
            pwd = keys[1];
        }
-        String origin = request.scheme() + "://" + request.host();
+        String origin = resolveOrigin(request);
        return cacheService.getCachedByShareKeyAndPwd(type, key, pwd, JsonObject.of("UA",request.headers().get("user-agent"), "_requestOrigin", origin));
    }
@@ -81,7 +81,7 @@ public class ServerApi {
            key = keys[0];
            pwd = keys[1];
        }
-        String origin = request.scheme() + "://" + request.host();
+        String origin = resolveOrigin(request);
        cacheService.getCachedByShareKeyAndPwd(type, key, pwd, JsonObject.of("UA",request.headers().get("user-agent"), "_requestOrigin", origin))
                .onSuccess(res -> ResponseUtil.redirect(
                        response.putHeader("nfd-cache-hit", res.getCacheHit().toString())
@@ -91,6 +91,21 @@ public class ServerApi {
        return promise.future();
    }
    /**
     * 解析请求来源地址，支持反向代理
     */
    private static String resolveOrigin(HttpServerRequest request) {
        String forwardedHost = request.getHeader("X-Forwarded-Host");
        if (forwardedHost != null && !forwardedHost.isBlank()) {
            String proto = request.getHeader("X-Forwarded-Proto");
            if (proto == null || proto.isBlank()) {
                proto = request.scheme();
            }
            return proto + "://" + forwardedHost;
        }
        return request.scheme() + "://" + request.host();
    }
    /**
     * 构建 otherParam，包含 UA 和解码后的认证参数
     *
@@ -99,8 +114,7 @@ public class ServerApi {
     * @return JsonObject
     */
    private JsonObject buildOtherParam(HttpServerRequest request, String auth) {
-        String requestOrigin = request.scheme() + "://" + request.host();
+        JsonObject otherParam = JsonObject.of("UA", request.headers().get("user-agent"), "_requestOrigin", resolveOrigin(request));
        JsonObject otherParam = JsonObject.of("UA", request.headers().get("user-agent"), "_requestOrigin", requestOrigin);
        // 解码认证参数
        if (auth != null && !auth.isEmpty()) {
--- a/web-service/src/main/resources/app-dev.yml
+++ b/web-service/src/main/resources/app-dev.yml
@@ -10,7 +10,6 @@ server:
  previewURL: https://nfd-parser.github.io/nfd-preview/preview.html?src=
  # auth参数加密密钥（16位AES密钥）
  authEncryptKey: 'nfd_auth_key2026'
 #  domainName: https://lz.qaiu.top
 # 反向代理服务器配置路径(不用加后缀)
 proxyConf: server-proxy