修改自治区扫描接口漏洞问题

sh
2026-04-30 15:10:34 +08:00
parent 05253c922a
commit 728a5bbb50
3 changed files with 9 additions and 4 deletions


@@ -37,7 +37,11 @@ public class EncryptConstants {
"/app/speech/**",
"/app/job/**",
"/app/company/**",
"/login",
"/app/user/resume"
"/app/companycontact/**",
"/app/appskill/**",
"/app/userworkexperiences/**",
"/app/user/**",
"/app/user/resume",
"/cms/job/recommend"
);
}
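Review bot: The pattern list in EncryptConstants carries no comment saying what membership means, and the new `"/app/user/**"` entry is far broader than the `"/app/user/resume"` entry listed right after it, which it also makes redundant. The declaration of the list is outside this hunk, so it cannot be confirmed here whether these paths are being placed under a protection or exempted from one; if it is an exemption list, every endpoint under `/app/user/` is now exempt, and if it is a protection list, `"/login"` appears (as rendered) to have been dropped from it. I would add a comment above the list such as `// Paths that are <protected by / exempt from> request encryption; keep each entry as narrow as possible`, remove the redundant `"/app/user/resume"` line, and record in the commit description why `/login` was taken out.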


@@ -73,7 +73,7 @@ public class RequestWrapperFilter implements Filter {
String forwardUrl = buildGetRequestURI(httpRequest);
// 先做输入规范化 + 解码,消除编码/格式绕过
String normalizedForwardUrl = normalizePath(forwardUrl);
// String normalizedForwardUrl = normalizePath(forwardUrl);
// if (normalizedForwardUrl == null) {
// log.error("非法内部转发:路径格式异常 {}", LogUtils.cleanLog(forwardUrl));
// httpResponse.sendError(InternalForwardConstants.FORBIDDEN_CODE, InternalForwardConstants.FORBIDDEN_MSG);