修改自治区扫描接口漏洞问题

ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/cms/CmsJobController.java

@@ -54,7 +54,7 @@ import java.util.stream.Collectors;
 @RestController
 @RequestMapping("/cms/job")
 @Api(tags = "后台：岗位管理")
-@Anonymous
+//@Anonymous
 public class CmsJobController extends BaseController
 {
     @Autowired
@@ -210,6 +210,7 @@ public class CmsJobController extends BaseController
 
     @ApiOperation("获取推荐岗位")
     @GetMapping("/recommend")
+    @Anonymous
     public AjaxResult recommend(ESJobSearch esJobSearch)
     {
         if (RoleUtils.isCompanyAdmin()) {

ruoyi-common/src/main/java/com/ruoyi/common/constant/EncryptConstants.java

@@ -37,7 +37,11 @@ public class EncryptConstants {
         "/app/speech/**",
         "/app/job/**",
         "/app/company/**",
-        "/login",
-        "/app/user/resume"
+        "/app/companycontact/**",
+        "/app/appskill/**",
+        "/app/userworkexperiences/**",
+        "/app/user/**",
+        "/app/user/resume",
+        "/cms/job/recommend"
     );
 }

ruoyi-common/src/main/java/com/ruoyi/common/filter/RequestWrapperFilter.java

@@ -73,7 +73,7 @@ public class RequestWrapperFilter implements Filter {
                 String forwardUrl = buildGetRequestURI(httpRequest);
 
                 // 先做输入规范化 + 解码，消除编码/格式绕过
-                String normalizedForwardUrl = normalizePath(forwardUrl);
+//                String normalizedForwardUrl = normalizePath(forwardUrl);
 //                if (normalizedForwardUrl == null) {
 //                    log.error("非法内部转发：路径格式异常 {}", LogUtils.cleanLog(forwardUrl));
 //                    httpResponse.sendError(InternalForwardConstants.FORBIDDEN_CODE, InternalForwardConstants.FORBIDDEN_MSG);