-
-
Notifications
You must be signed in to change notification settings - Fork 471
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
请求参数带 code 直接登录 #248
Comments
没有遇到过,具体怎么操作的? |
非BUG,在得知账号和密码的情况就是可以通过接口获取TOKEN,erupt内部有验证码配置,密码错误3次后会出现,防止暴力破解 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
版本情况
JDK版本: openjdk_17
erupt版本: 1.12.12
问题描述(包括截图)
刚开始试用,发现一个问题,不确定是哪里配置问题还是安全问题。请求带上 code=xxx(任意值)即可绕过登录?
复现代码
堆栈信息
测试涉及到的文件(注意脱密)
The text was updated successfully, but these errors were encountered: