From 49555ab90f053d3339c2966c29fbd8f108fd865f Mon Sep 17 00:00:00 2001
From: taojinlong <jinlong@fit2cloud.com>
Date: Wed, 20 Mar 2024 16:28:36 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20DataEase=20=E6=9C=AA=E6=8E=88=E6=9D=83?=
 =?UTF-8?q?=E6=BC=8F=E6=B4=9E?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../src/main/java/io/dataease/utils/WhitelistUtils.java       | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java b/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java
index 6c84d72b3b..f29a21c46e 100644
--- a/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java
+++ b/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java
@@ -1,6 +1,7 @@
 package io.dataease.utils;
 
 import io.dataease.constant.AuthConstant;
+import io.dataease.exception.DEException;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.core.env.Environment;
 
@@ -43,6 +44,9 @@ public class WhitelistUtils {
             "/");
 
     public static boolean match(String requestURI) {
+        if (requestURI.contains(";") && !requestURI.contains("?")) {
+            DEException.throwException("Invalid uri: " + requestURI);
+        }
         if (StringUtils.startsWith(requestURI, getContextPath())) {
             requestURI = requestURI.replaceFirst(getContextPath(), "");
         }