public/dataease
1
0
Fork 0
mirror of https://github.com/dataease/dataease.git synced 2026-05-16 14:31:00 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: 安全漏洞-社区版权限绕过 H2 RCE Bypass

Browse Source
This commit is contained in:
fit2cloud-chenyw
2025-04-30 15:41:10 +08:00
committed by fit2cloud-chenyw
parent 2999de9fe1
commit 429f654733
2 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
sdk/common/src/main/java/io/dataease/auth/filter/CommunityTokenFilter.java
View File

@@ -61,6 +61,7 @@ public class CommunityTokenFilter implements Filter {
String msg = URLEncoder.encode(e.getMessage(), StandardCharsets.UTF_8).replace("+", "%20");
headers.add(headName, msg);
sendResponseEntity(res, new ResponseEntity<>(e.getMessage(), headers, HttpStatus.UNAUTHORIZED));
return;
}
}