parent: d41b06 | patch | commitdiff
Administrator
2026-06-14 a8219a1c955a9bb84300a52944ab886c604a4512
refs
author Administrator <15274802129@163.com>
Sunday, June 14, 2026 16:54 +0800
committer Administrator <15274802129@163.com>
Sunday, June 14, 2026 16:54 +0800
commita8219a1c955a9bb84300a52944ab886c604a4512
tree 951d95704830497eac9a0480f155b260030ae3c1 tree | zip | gz
parent d41b06249ea93d81d0e933ecffe54c9d740266ef view | diff 
fix(security): 修复CORS配置中的安全漏洞

- 移除allowCredentials配置避免跨站请求伪造风险
- 保留maxAge设置以优化预检请求性能
- 维持原有的CORS策略配置不变
1 files modified
3 ■■■■ changed files
src/main/java/cc/mrbird/febs/common/configure/WebMvcConfigure.java 3 ●●●● diff | view | raw | blame | history