Skip to content

建议升级shiro依赖 Apach Shiro官方披露其cookie持久化参数rememberMe加密算法存在漏洞 #1473

New issue
New issue
Closed
Closed
建议升级shiro依赖 Apach Shiro官方披露其cookie持久化参数rememberMe加密算法存在漏洞#1473
@ChangYunQing

Description

@ChangYunQing
ChangYunQing
opened on Jul 17, 2020
版本号:

2.2.1

问题描述:

采用jwt后remember_me是不是没有用了,
前端登录页面勾选‘自动登录’传了参数'remember_me',但是后台并没有对该参数做处理。

截图&代码:

F02ADB2A-3330-40db-AE4C-03E16232AF60
D0C1E5FE-F4B2-4d09-AE77-F7F03E90C231

友情提示: 未按格式要求发帖,会直接删掉。

Activity

zhangdaiscott

zhangdaiscott commented on Jul 17, 2020

@zhangdaiscott
zhangdaiscott
on Jul 17, 2020
Member

3q

zhangdaiscott

zhangdaiscott commented on Jul 31, 2020

@zhangdaiscott
zhangdaiscott
on Jul 31, 2020
Member

已改下个版本发布

zhangdaiscott
closed this as completedon Jul 31, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @zhangdaiscott@ChangYunQing

        Issue actions
          建议升级shiro依赖 Apach Shiro官方披露其cookie持久化参数rememberMe加密算法存在漏洞 · Issue #1473 · jeecgboot/JeecgBoot