From 3a2c480e05f69c874a016fdd043d7b39dd5e034e Mon Sep 17 00:00:00 2001
From: 16337 <1633794139@qq.com>
Date: Mon, 2 Mar 2026 10:23:04 +0800
Subject: [PATCH] =?UTF-8?q?fix(aiot):=20=E7=BC=A9=E5=B0=8F=20Edge=20?=
 =?UTF-8?q?=E7=99=BD=E5=90=8D=E5=8D=95=E9=80=9A=E9=85=8D=E8=8C=83=E5=9B=B4?=
 =?UTF-8?q?=EF=BC=8C=E9=99=90=E5=AE=9A=E5=85=B7=E4=BD=93=E6=A8=A1=E5=9D=97?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

从 /api/ai/**/edge/** 改为按模块显式列出：
- /api/ai/alert/edge/**  告警上报
- /api/ai/device/edge/** 设备心跳（预留）
避免过宽通配带来的安全隐患。

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
index b0236d764..5d5208eb5 100644
--- a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
@@ -105,7 +105,8 @@ public class WebSecurityConfig {
         defaultExcludes.add("/api/ai/roi/snap/callback");
         defaultExcludes.add("/api/ai/roi/snap/image");
         defaultExcludes.add("/api/ai/camera/get");
-        defaultExcludes.add("/api/ai/**/edge/**");
+        defaultExcludes.add("/api/ai/alert/edge/**");
+        defaultExcludes.add("/api/ai/device/edge/**");
 
         if (userSetting.getInterfaceAuthentication() && !userSetting.getInterfaceAuthenticationExcludes().isEmpty()) {
             defaultExcludes.addAll(userSetting.getInterfaceAuthenticationExcludes());