From 7e0b4c06b02e2212c10d4b1557c6ca5adf2e56df Mon Sep 17 00:00:00 2001
From: xin <1099200748@qq.com>
Date: Thu, 25 Sep 2025 21:50:51 +0800
Subject: [PATCH] 匿名访问正则表达式优化特殊字符

---
 oying-common/src/main/java/com/oying/config/webConfig/SwaggerConfig.java |   13 ++++++++++++-
 1 files changed, 12 insertions(+), 1 deletions(-)

diff --git a/oying-common/src/main/java/com/oying/config/webConfig/SwaggerConfig.java b/oying-common/src/main/java/com/oying/config/webConfig/SwaggerConfig.java
index 53b8c83..f0eca0d 100644
--- a/oying-common/src/main/java/com/oying/config/webConfig/SwaggerConfig.java
+++ b/oying-common/src/main/java/com/oying/config/webConfig/SwaggerConfig.java
@@ -28,6 +28,7 @@
 import java.util.Collections;
 import java.util.List;
 import java.util.Set;
+import java.util.function.Function;
 import java.util.stream.Collectors;
 
 /**
@@ -92,7 +93,17 @@
     private SecurityContext getContextByPath() {
         Set<String> urls = AnonTagUtils.getAllAnonymousUrl(applicationContext);
         urls = urls.stream().filter(url -> !url.equals("/")).collect(Collectors.toSet());
-        String regExp = "^(?!" + apiPath + String.join("|" + apiPath, urls) + ").*$";
+
+        // 转义特殊字符（包括{}）
+        Function<String, String> escapeRegex = str -> str.replaceAll("([.*+?^${}()|\\[\\]\\\\])", "\\\\$1");
+
+        String escapedApiPath = escapeRegex.apply(apiPath);
+        String pattern = urls.stream()
+                .map(escapeRegex)  // 转义每个URL中的特殊字符
+                .map(url -> escapedApiPath + url)  // 拼接API路径
+                .collect(Collectors.joining("|"));
+        String regExp = "^(?!" + pattern + ").*$";
+        System.out.println("regExp: " + regExp);
         return SecurityContext.builder()
                 .securityReferences(defaultAuth())
                 .operationSelector(o->o.requestMappingPattern()

--
Gitblit v1.9.3