From 3129b249257921545b1ee17e9034b40c26bc2947 Mon Sep 17 00:00:00 2001
From: "review512jwy@163.com" <“review512jwy@163.com”>
Date: Tue, 27 Jan 2026 17:00:43 +0800
Subject: [PATCH] =?UTF-8?q?queryAlertForwardConfigByAlarmTmplIds=E6=8E=A5?=
 =?UTF-8?q?=E5=8F=A3referer=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../techsor/datacenter/business/configurator/CrosXssFilter.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data-center-business-controller/src/main/java/com/techsor/datacenter/business/configurator/CrosXssFilter.java b/data-center-business-controller/src/main/java/com/techsor/datacenter/business/configurator/CrosXssFilter.java
index 0b949ae..1c13d63 100644
--- a/data-center-business-controller/src/main/java/com/techsor/datacenter/business/configurator/CrosXssFilter.java
+++ b/data-center-business-controller/src/main/java/com/techsor/datacenter/business/configurator/CrosXssFilter.java
@@ -53,7 +53,7 @@ public class CrosXssFilter implements Filter {
                     String requestUri = httpRequest.getRequestURI();
                     // 当 URL 不包含 /common/ 时，校验 Referer
 //                    if (!requestUri.contains("/common/") && !requestUri.contains("swagger")) {
-                    if (!requestUri.contains("/swagger") && !requestUri.contains("/api-docs")
+                    if (!requestUri.contains("/swagger") && !requestUri.contains("/api-docs") && !requestUri.contains("/queryAlertForwardConfigByAlarmTmplIds")
                             && !requestUri.contains("websocket")) {
                         String referer = httpRequest.getHeader("Referer");
                         if (StringUtils.isNotBlank(referer)){