From bc11ec0e6b09d1da34abd970a2acf7b461127eca Mon Sep 17 00:00:00 2001
From: Pu Zhibing <393733352@qq.com>
Date: 星期二, 16 九月 2025 15:19:12 +0800
Subject: [PATCH] 修改安全漏洞

---
 management/guns-admin/src/main/java/com/stylefeng/guns/config/web/ShiroConfig.java |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/management/guns-admin/src/main/java/com/stylefeng/guns/config/web/ShiroConfig.java b/management/guns-admin/src/main/java/com/stylefeng/guns/config/web/ShiroConfig.java
index 2f15811..eb64df0 100644
--- a/management/guns-admin/src/main/java/com/stylefeng/guns/config/web/ShiroConfig.java
+++ b/management/guns-admin/src/main/java/com/stylefeng/guns/config/web/ShiroConfig.java
@@ -102,7 +102,7 @@
     @Bean
     public CookieRememberMeManager rememberMeManager(SimpleCookie rememberMeCookie) {
         CookieRememberMeManager manager = new CookieRememberMeManager();
-        manager.setCipherKey(Base64.decode("Z3VucwAAAAAAAAAAAAAAAA=="));
+//        manager.setCipherKey(Base64.decode("Z3VucwAAAAAAAAAAAAAAAA=="));
         manager.setCookie(rememberMeCookie);
         return manager;
     }
@@ -112,7 +112,8 @@
      */
     @Bean
     public SimpleCookie rememberMeCookie() {
-        SimpleCookie simpleCookie = new SimpleCookie("rememberMe");
+//        SimpleCookie simpleCookie = new SimpleCookie("rememberMe");
+        SimpleCookie simpleCookie = new SimpleCookie("");
         simpleCookie.setHttpOnly(true);
         simpleCookie.setMaxAge(7 * 24 * 60 * 60);//7天
         return simpleCookie;
@@ -162,6 +163,7 @@
         Map<String, String> hashMap = new LinkedHashMap<>();
         hashMap.put("/static/**", "anon");
         hashMap.put("/base/**", "anon");
+        hashMap.put("/upload/**", "anon");
         hashMap.put("/gunsApi/**", "anon");
         hashMap.put("/login", "anon");
         hashMap.put("/global/sessionError", "anon");

--
Gitblit v1.7.1