diff --git a/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java b/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java
index e0b760a9e0..de2f8987e4 100644
--- a/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java
+++ b/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java
@@ -1,6 +1,7 @@
 package io.dataease.utils;
 
 import io.dataease.constant.AuthConstant;
+import io.dataease.exception.DEException;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.core.env.Environment;
 
@@ -44,6 +45,9 @@ public class WhitelistUtils {
             "/");
 
     public static boolean match(String requestURI) {
+        if (requestURI.contains(";") && !requestURI.contains("?")) {
+            DEException.throwException("Invalid uri: " + requestURI);
+        }
         if (StringUtils.startsWith(requestURI, getContextPath())) {
             requestURI = requestURI.replaceFirst(getContextPath(), "");
         }