From 3a099ca19bf806ab44090aadb4b2973057e8b4d0 Mon Sep 17 00:00:00 2001 From: shimingxy Date: Wed, 7 Jan 2026 10:23:56 +0800 Subject: [PATCH] =?UTF-8?q?redirect=5Furi=20=E8=A2=ABXss=E6=8B=A6=E6=88=AA?= =?UTF-8?q?=E5=99=A8=E6=8B=A6=E6=88=AA=20#IDEANO?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/dromara/maxkey/exception/BusinessException.java | 5 +++++ .../java/org/dromara/maxkey/web/WebXssRequestFilter.java | 1 + 2 files changed, 6 insertions(+) diff --git a/maxkey-commons/maxkey-core/src/main/java/org/dromara/maxkey/exception/BusinessException.java b/maxkey-commons/maxkey-core/src/main/java/org/dromara/maxkey/exception/BusinessException.java index fc323b1d3..e800fae37 100644 --- a/maxkey-commons/maxkey-core/src/main/java/org/dromara/maxkey/exception/BusinessException.java +++ b/maxkey-commons/maxkey-core/src/main/java/org/dromara/maxkey/exception/BusinessException.java @@ -24,6 +24,11 @@ package org.dromara.maxkey.exception; */ public class BusinessException extends RuntimeException { /** + * + */ + private static final long serialVersionUID = 7960700377711971191L; + + /** * 异常编码 */ private Integer code; diff --git a/maxkey-starter/maxkey-starter-web/src/main/java/org/dromara/maxkey/web/WebXssRequestFilter.java b/maxkey-starter/maxkey-starter-web/src/main/java/org/dromara/maxkey/web/WebXssRequestFilter.java index 9d914f655..ebc485d33 100644 --- a/maxkey-starter/maxkey-starter-web/src/main/java/org/dromara/maxkey/web/WebXssRequestFilter.java +++ b/maxkey-starter/maxkey-starter-web/src/main/java/org/dromara/maxkey/web/WebXssRequestFilter.java @@ -58,6 +58,7 @@ public class WebXssRequestFilter extends GenericFilterBean { skipUrlMap.put("/authz/cas/", "/authz/cas/"); skipUrlMap.put("/authz/cas/login", "/authz/cas/login"); skipUrlMap.put("/authz/oauth/v20/authorize", "/authz/oauth/v20/authorize"); + skipUrlMap.put("/authz/oauth/v20/token", "/authz/oauth/v20/token"); //TENCENT_IOA skipUrlMap.put("/oauth2/authorize", "/oauth2/authorize");