From 219169c25bf0982f1b426c8a10f5cbe05c167887 Mon Sep 17 00:00:00 2001
From: cwchen <1048842385@qq.com>
Date: Tue, 30 Sep 2025 15:55:35 +0800
Subject: [PATCH] =?UTF-8?q?=E9=9D=9E=E6=B3=95=E5=80=BC=E6=A0=A1=E9=AA=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../com/bonus/framework/interceptor/XssRequestWrapper.java   | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java b/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
index b1ac961..8b0432d 100644
--- a/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
+++ b/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
@@ -518,10 +518,9 @@ public class XssRequestWrapper extends HttpServletRequestWrapper {
 
         // 记录警告日志（特殊字符攻击在修改密码时不记录）
         if (!(isPasswordUpdateRequest() && attackType.startsWith("SPECIAL_CHAR_PATTERN_"))) {
-            log.warn("检测到安全威胁 - 参数: {}, 攻击类型: {}, 原始值: {}, 客户端IP: {}",
+            log.warn("检测到安全威胁 - 参数: {}, 攻击类型: {}, 原始值: {}",
                     paramName, attackType,
-                    originalValue.length() > 100 ? originalValue.substring(0, 100) + "..." : originalValue,
-                    illegalParam.getClientIp());
+                    originalValue.length() > 100 ? originalValue.substring(0, 100) + "..." : originalValue);
         }
     }