From f0f00e9ba8a755e4317e029d73b69a92ad9f9df1 Mon Sep 17 00:00:00 2001 From: kongzy <kongzy> Date: 星期六, 14 九月 2024 17:02:41 +0800 Subject: [PATCH] update --- exam-framework/src/main/java/com/gkhy/exam/framework/security/SecurityConfig.java | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diff --git a/exam-framework/src/main/java/com/gkhy/exam/framework/security/SecurityConfig.java b/exam-framework/src/main/java/com/gkhy/exam/framework/security/SecurityConfig.java index 98a3e29..b08e275 100644 --- a/exam-framework/src/main/java/com/gkhy/exam/framework/security/SecurityConfig.java +++ b/exam-framework/src/main/java/com/gkhy/exam/framework/security/SecurityConfig.java @@ -100,6 +100,7 @@ permitAllUrl.getUrls().forEach(url -> registry.antMatchers(url).permitAll()); httpSecurity + .cors().and() // CSRF禁用,因为不使用session .csrf().disable() // 禁用HTTP响应标头 @@ -111,7 +112,7 @@ // 过滤请求 .authorizeRequests() // 对于登录login 注册register 验证码captchaImage 允许匿名访问 - .antMatchers("/**/login", "/register", "/system/captcha/captchaImage").permitAll() + .antMatchers("/**/login", "/register", "/system/captcha/captchaImage","/system/common/importExcel").permitAll() // 静态资源,可匿名访问 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**","/**/favicon.ico","/**/images/**").permitAll() .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll() @@ -128,6 +129,7 @@ httpSecurity.addFilterBefore(corsFilter, LogoutFilter.class); } + /** * 强散列哈希加密实现 */ -- Gitblit v1.9.2