|
|
@@ -17,6 +17,8 @@ import org.springframework.security.core.userdetails.UserDetailsService;
|
|
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
|
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
|
|
import org.springframework.security.web.authentication.logout.LogoutFilter;
|
|
|
+import org.springframework.security.web.firewall.HttpFirewall;
|
|
|
+import org.springframework.security.web.firewall.StrictHttpFirewall;
|
|
|
import org.springframework.web.filter.CorsFilter;
|
|
|
|
|
|
import javax.annotation.Resource;
|
|
|
@@ -141,4 +143,14 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|
|
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
|
|
auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
|
|
|
}
|
|
|
+
|
|
|
+ /**
|
|
|
+ * 支持"//"
|
|
|
+ */
|
|
|
+ @Bean
|
|
|
+ public HttpFirewall httpFirewall() {
|
|
|
+ StrictHttpFirewall firewall = new StrictHttpFirewall();
|
|
|
+ firewall.setAllowUrlEncodedDoubleSlash(true);
|
|
|
+ return firewall;
|
|
|
+ }
|
|
|
}
|
