From 1e1fd9f7274e9f0a7227f1f399c2c8cc30736a75 Mon Sep 17 00:00:00 2001
From: tjlygdx <tjlygdx@163.com>
Date: Mon, 18 May 2026 17:42:57 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E3=80=90=E6=BC=8F=E6=B4=9E=E3=80=91=20?=
 =?UTF-8?q?=E5=85=A8=E5=B1=80=E9=9D=99=E6=80=81=E5=90=8E=E7=BC=80=E7=99=BD?=
 =?UTF-8?q?=E5=90=8D=E5=8D=95=E5=8C=B9=E9=85=8D=E8=BF=87=E5=AE=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/io/dataease/utils/WhitelistUtils.java     | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java b/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java
index 8fab4b1911..86dc73cd16 100644
--- a/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java
+++ b/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java
@@ -13,6 +13,13 @@ import static io.dataease.result.ResultCode.INTERFACE_ADDRESS_INVALID;
 public class WhitelistUtils {
 
     private static String contextPath;
+    private static final List<String> STATIC_PATH_PREFIXES = List.of(
+            "/assets/",
+            "/static/"
+    );
+    private static final List<String> STATIC_FILES = List.of(
+            "/favicon.ico"
+    );
 
 
     public static String getContextPath() {
@@ -68,7 +75,7 @@ public class WhitelistUtils {
             requestURI = requestURI.replaceFirst(AuthConstant.DE_OIDCAPI_PREFIX, "");
         }
         return WHITE_PATH.contains(requestURI)
-                || StringUtils.endsWithAny(requestURI, ".gif",".ico", "js", ".css", "svg", "png", "jpg", "js.map", ".otf", ".ttf", ".woff2")
+                || isStaticAssetRequest(requestURI)
                 || StringUtils.startsWithAny(requestURI, "data:image")
                 || StringUtils.startsWithAny(requestURI, "/login/platformLogin/")
                 || StringUtils.startsWithAny(requestURI, "/static-resource/")
@@ -93,6 +100,11 @@ public class WhitelistUtils {
                 || StringUtils.startsWithAny(requestURI, "/communicate/down/");
     }
 
+    private static boolean isStaticAssetRequest(String requestURI) {
+        return STATIC_FILES.contains(requestURI)
+                || STATIC_PATH_PREFIXES.stream().anyMatch(requestURI::startsWith);
+    }
+
     public static String getBaseApiUrl(String redirect_uri) {
         if (StringUtils.endsWith(redirect_uri, "/")) {
             redirect_uri = redirect_uri.substring(0, redirect_uri.length() - 1);