From 05c3507dae187205bb367227ff671cd8d84f0f5e Mon Sep 17 00:00:00 2001
From: cwchen <1048842385@qq.com>
Date: Mon, 20 Oct 2025 13:27:15 +0800
Subject: [PATCH] =?UTF-8?q?=E5=8F=82=E6=95=B0=E6=8B=A6=E6=88=AA=E4=BF=AE?=
 =?UTF-8?q?=E6=94=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/com/bonus/framework/interceptor/XssRequestWrapper.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java b/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
index 40406b3..8c378ad 100644
--- a/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
+++ b/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
@@ -110,7 +110,7 @@ public class XssRequestWrapper extends HttpServletRequestWrapper {
         // 1. SQL注释模式
         XSS_PATTERNS.add(Pattern.compile("--", Pattern.CASE_INSENSITIVE)); // 单行注释
         XSS_PATTERNS.add(Pattern.compile("/\\*.*?\\*/", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL)); // 多行注释
-        XSS_PATTERNS.add(Pattern.compile("#", Pattern.CASE_INSENSITIVE)); // MySQL注释
+//        XSS_PATTERNS.add(Pattern.compile("#", Pattern.CASE_INSENSITIVE)); // MySQL注释
 
         // 2. 字符串分隔符
         XSS_PATTERNS.add(Pattern.compile("'", Pattern.CASE_INSENSITIVE)); // 单引号