From f9ecdf53bfcaeb2f9f6146c0c092a72586c1d8b4 Mon Sep 17 00:00:00 2001
From: cwchen <1048842385@qq.com>
Date: Tue, 30 Sep 2025 15:58:29 +0800
Subject: [PATCH] =?UTF-8?q?=E9=9D=9E=E6=B3=95=E5=80=BC=E6=A0=A1=E9=AA=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/com/bonus/framework/interceptor/XssRequestWrapper.java  | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java b/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
index 8b0432d..61c6083 100644
--- a/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
+++ b/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
@@ -44,6 +44,7 @@ public class XssRequestWrapper extends HttpServletRequestWrapper {
     static {
         // 初始化忽略校验的URL路径
         IGNORE_SPECIAL_CHARS_URLS.add("/smartArchives/system/user/resetPwd");
+        IGNORE_SPECIAL_CHARS_URLS.add("/smartArchives/system/user/profile/updatePwd");
         // 可以根据需要添加更多修改密码的URL
 
         // 初始化需要忽略的特殊字符模式