docs 补充Undertow自定义配置信息注释

2024-11-15 14:51:34 +08:00 · 2024-11-15 14:51:34 +08:00 · a0fc268bb9
commit a0fc268bb9
parent 631739733f
1 changed files with 19 additions and 1 deletions
--- a/ruoyi-common/ruoyi-common-web/src/main/java/org/dromara/common/web/config/UndertowConfig.java
+++ b/ruoyi-common/ruoyi-common-web/src/main/java/org/dromara/common/web/config/UndertowConfig.java
@ -18,18 +18,35 @@ import org.springframework.core.task.VirtualThreadTaskExecutor;
@AutoConfiguration
 public class UndertowConfig implements WebServerFactoryCustomizer<UndertowServletWebServerFactory> {

+    /**
+     * 自定义 Undertow 配置
+     * <p>
+     * 主要配置内容包括：
+     * 1. 配置 WebSocket 部署信息
+     * 2. 在虚拟线程模式下使用虚拟线程池
+     * 3. 禁用不安全的 HTTP 方法，如 CONNECT、TRACE、TRACK
+     * </p>
+     *
+     * @param factory Undertow 的 Web 服务器工厂
+     */
    @Override
    public void customize(UndertowServletWebServerFactory factory) {
        factory.addDeploymentInfoCustomizers(deploymentInfo -> {
+            // 配置 WebSocket 部署信息，设置 WebSocket 使用的缓冲区池
            WebSocketDeploymentInfo webSocketDeploymentInfo = new WebSocketDeploymentInfo();
            webSocketDeploymentInfo.setBuffers(new DefaultByteBufferPool(true, 1024));
            deploymentInfo.addServletContextAttribute("io.undertow.websockets.jsr.WebSocketDeploymentInfo", webSocketDeploymentInfo);
-            // 使用虚拟线程
+
+            // 如果启用了虚拟线程，配置 Undertow 使用虚拟线程池
            if (SpringUtils.isVirtual()) {
+                // 创建虚拟线程池，线程池前缀为 "undertow-"
                VirtualThreadTaskExecutor executor = new VirtualThreadTaskExecutor("undertow-");
+                // 设置虚拟线程池为执行器和异步执行器
                deploymentInfo.setExecutor(executor);
                deploymentInfo.setAsyncExecutor(executor);
            }
+
+            // 配置禁止某些不安全的 HTTP 方法（如 CONNECT、TRACE、TRACK）
            deploymentInfo.addInitialHandlerChainWrapper(handler -> {
                // 禁止三个方法 CONNECT/TRACE/TRACK 也是不安全的 避免爬虫骚扰
                HttpString[] disallowedHttpMethods = {
@ -37,6 +54,7 @@ public class UndertowConfig implements WebServerFactoryCustomizer<UndertowServle
                    HttpString.tryFromString("TRACE"),
                    HttpString.tryFromString("TRACK")
                };
+                // 使用 DisallowedMethodsHandler 拦截并拒绝这些方法的请求
                return new DisallowedMethodsHandler(handler, disallowedHttpMethods);
            });
        });