默认过滤的header
spring-cloud-netflix-core-1.2.6.RELEASE-sources.jar!/org/springframework/cloud/netflix/zuul/filters/ZuulProperties.java
/**
* List of sensitive headers that are not passed to downstream requests. Defaults to a
* "safe" set of headers that commonly contain user credentials. It's OK to remove
* those from the list if the downstream service is part of the same system as the
* proxy, so they are sharing authentication data. If using a physical URL outside
* your own domain, then generally it would be a bad idea to leak user credentials.
*/
private Set<String> sensitiveHeaders = new LinkedHashSet<>(
Arrays.asList("Cookie", "Set-Cookie", "Authorization"));
配置
zuul:
sensitiveHeaders:
host:
socket-timeout-millis: 60000
connect-timeout-millis: 60000
通过显示指定为空,表示让zuul的过滤header列表为空,这样就可以正常返回了
spring读取cookie方法
String xxx = WebUtils.getCookie((HttpServletRequest) servletRequest,"your-cookie-name").getValue();