From 5051f430c00e55fb7aaaf1a6e3959134c9d8fb4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=90=B4=E9=87=91=E5=B7=9D?= Date: Fri, 10 Oct 2025 01:38:49 +0000 Subject: [PATCH] update sa-token-doc/sso/sso-check-domain.md. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 吴金川 --- sa-token-doc/sso/sso-check-domain.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sa-token-doc/sso/sso-check-domain.md b/sa-token-doc/sso/sso-check-domain.md index 12992e3c..b0f0a0f7 100644 --- a/sa-token-doc/sso/sso-check-domain.md +++ b/sa-token-doc/sso/sso-check-domain.md @@ -3,7 +3,7 @@ --- ### 1、Ticket劫持攻击 -在前面章节的 SSO-Server 示例中,配置项 `sa-token.sso-server.clients.sso-client3.allow-url=*` 意为改 client 所有允许的授权地址,不在此配置项中的 URL 将无法单点登录成功。 +在前面章节的 SSO-Server 示例中,配置项 `sa-token.sso-server.clients.sso-client3.allow-url=*` 意为该 client 所有允许的授权地址,不在此配置项中的 URL 将无法单点登录成功。 为了方便测试,上述代码将其配置为`*`,但是,在生产环境中,此配置项绝对不能配置为 * ,否则会有被 Ticket 劫持的风险。