From 628bc94a9a629d0b3330e90b6b065c72e25b5577 Mon Sep 17 00:00:00 2001
From: 0慕容雪0 <ytu.mxh@163.com>
Date: 星期六, 11 三月 2023 12:31:55 +0800
Subject: [PATCH] update ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java.

---
 ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
index 3f7fc67..bdb7199 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@@ -102,6 +102,8 @@
         httpSecurity
                 // CSRF禁用，因为不使用session
                 .csrf().disable()
+                // 禁用HTTP响应标头
+                .headers().cacheControl().disable().and()
                 // 认证失败处理类
                 .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
                 // 基于token，所以不需要session
@@ -109,7 +111,7 @@
                 // 过滤请求
                 .authorizeRequests()
                 // 对于登录login 注册register 验证码captchaImage 允许匿名访问
-                .antMatchers("/login", "/register", "/captchaImage").anonymous()
+                .antMatchers("/login", "/register", "/captchaImage").permitAll()
                 // 静态资源，可匿名访问
                 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
                 .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
@@ -124,8 +126,6 @@
         // 添加CORS filter
         httpSecurity.addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class);
         httpSecurity.addFilterBefore(corsFilter, LogoutFilter.class);
-        // 禁用缓存
-        httpSecurity.headers().cacheControl().disable();
     }
 
     /**

--
Gitblit v1.9.2