Add new CORS vulnerability example.

lightless233 · lightless233 · commit ca98c59c7b09 · 2018-10-25T15:39:27.000+08:00
diff --git a/src/main/java/org/joychou/controller/CORS.java b/src/main/java/org/joychou/controller/CORS.java
@@ -1,10 +1,13 @@
 package org.joychou.controller;
 
+import org.joychou.utils.Security;
 import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.CrossOrigin;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import org.joychou.utils.Security;
 
 /**
  * @author: JoyChou
@@ -46,6 +49,13 @@ private static String vuls2(HttpServletResponse response) {
         return info;
     }
 
+    @CrossOrigin("*")
+    @RequestMapping("/vul3")
+    @ResponseBody
+    private static String vuls3(HttpServletResponse response) {
+        return info;
+    }
+
     @RequestMapping("/sec")
     @ResponseBody
     private static String seccode(HttpServletRequest request, HttpServletResponse response) {
