hhyykk/RuoYi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

国家信息安全漏洞(请务必保持cipherKey密钥唯一性)

Browse Source
This commit is contained in:
RuoYi
2020-07-04 20:52:27 +08:00
parent 7728ad9eb4
commit 91986f13f8
2 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ruoyi-admin/src/main/resources/application.yml
View File

@ -108,6 +108,8 @@ shiro:
httpOnly: true
# 设置Cookie的过期时间天为单位
maxAge: 30
# 设置密钥务必保持唯一性生成方式直接拷贝到main运行即可KeyGenerator keygen = KeyGenerator.getInstance("AES"); SecretKey deskey = keygen.generateKey(); System.out.println(Base64.encodeToString(deskey.getEncoded()));
cipherKey: zSyK5Kp6PZAAjlT+eeNMlg==
session:
# Session超时时间-1代表永不过期默认30分钟
expireTime: 30