From 9a7bb81cd00526287b3f0efd8e78ae440e21906f Mon Sep 17 00:00:00 2001
From: 疯狂的狮子li <15040126243@163.com>
Date: 星期五, 19 十一月 2021 13:01:30 +0800
Subject: [PATCH] fix 修复关闭 xss 功能导致可重复读 RepeatableFilter 失效
---
ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java | 9 +++------
1 files changed, 3 insertions(+), 6 deletions(-)
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
index 30718c3..58dd02a 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@@ -49,7 +49,7 @@
*/
@Autowired
private JwtAuthenticationTokenFilter authenticationTokenFilter;
-
+
/**
* 璺ㄥ煙杩囨护鍣�
*/
@@ -96,8 +96,8 @@
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
// 杩囨护璇锋眰
.authorizeRequests()
- // 瀵逛簬鐧诲綍login 楠岃瘉鐮乧aptchaImage 鍏佽鍖垮悕璁块棶
- .antMatchers("/login", "/captchaImage").anonymous()
+ // 瀵逛簬鐧诲綍login 娉ㄥ唽register 楠岃瘉鐮乧aptchaImage 鍏佽鍖垮悕璁块棶
+ .antMatchers("/login", "/register", "/captchaImage").anonymous()
.antMatchers(
HttpMethod.GET,
"/",
@@ -107,8 +107,6 @@
"/**/*.js",
"/profile/**"
).permitAll()
- .antMatchers("/common/download**").anonymous()
- .antMatchers("/common/download/resource**").anonymous()
.antMatchers("/swagger-ui.html").anonymous()
.antMatchers("/swagger-resources/**").anonymous()
.antMatchers("/webjars/**").anonymous()
@@ -126,7 +124,6 @@
httpSecurity.addFilterBefore(corsFilter, LogoutFilter.class);
}
-
/**
* 寮烘暎鍒楀搱甯屽姞瀵嗗疄鐜�
*/
--
Gitblit v1.9.3