From 7c40fa33774891b1e0867be3381fd8776c33d251 Mon Sep 17 00:00:00 2001
From: "Captain.B" <bin@fit2cloud.com>
Date: Wed, 10 Mar 2021 16:56:19 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E6=B2=A1=E6=9C=89=E7=99=BB=E5=BD=95?=
 =?UTF-8?q?=E4=B8=8D=E9=9C=80=E8=A6=81=E6=A0=A1=E9=AA=8Ccsrf?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/src/main/java/io/metersphere/security/CsrfFilter.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/backend/src/main/java/io/metersphere/security/CsrfFilter.java b/backend/src/main/java/io/metersphere/security/CsrfFilter.java
index 2468e287c3..358850f664 100644
--- a/backend/src/main/java/io/metersphere/security/CsrfFilter.java
+++ b/backend/src/main/java/io/metersphere/security/CsrfFilter.java
@@ -26,6 +26,7 @@ public class CsrfFilter extends AnonymousFilter {
 
         if (!SecurityUtils.getSubject().isAuthenticated()) {
             ((HttpServletResponse) response).setHeader("Authentication-Status", "invalid");
+            return true;
         }
         // api 过来的请求
         if (ApiKeyHandler.isApiKeyCall(WebUtils.toHttp(request))) {