Merge pull request #285 from nagisa77/codex/fix-sitemap.xml-redirection-issue

Fix sitemap access without auth
2026-02-24 23:20:49 +08:00 · 2025-07-30 20:46:58 +08:00
parent 86aff7aeb2 cb5411c091
commit 33432a10f4
2 changed files with 5 additions and 1 deletions
--- a/src/main/java/com/openisle/config/SecurityConfig.java
+++ b/src/main/java/com/openisle/config/SecurityConfig.java
@@ -111,6 +111,7 @@ public class SecurityConfig {
                    .requestMatchers(HttpMethod.GET, "/api/push/public-key").permitAll()
                    .requestMatchers(HttpMethod.GET, "/api/reaction-types").permitAll()
                    .requestMatchers(HttpMethod.GET, "/api/activities/**").permitAll()
+                    .requestMatchers(HttpMethod.GET, "/api/sitemap.xml").permitAll()
                    .requestMatchers(HttpMethod.POST, "/api/categories/**").hasAuthority("ADMIN")
                    .requestMatchers(HttpMethod.POST, "/api/tags/**").authenticated()
                    .requestMatchers(HttpMethod.DELETE, "/api/categories/**").hasAuthority("ADMIN")
@@ -141,7 +142,8 @@ public class SecurityConfig {
                         uri.startsWith("/api/categories") || uri.startsWith("/api/tags") ||
                        uri.startsWith("/api/search") || uri.startsWith("/api/users") ||
                         uri.startsWith("/api/reaction-types") || uri.startsWith("/api/config") ||
-                         uri.startsWith("/api/activities") || uri.startsWith("/api/push/public-key"));
+                         uri.startsWith("/api/activities") || uri.startsWith("/api/push/public-key") ||
+                         uri.startsWith("/api/sitemap.xml"));

                if (authHeader != null && authHeader.startsWith("Bearer ")) {
                    String token = authHeader.substring(7);
--- a/src/main/java/com/openisle/controller/SitemapController.java
+++ b/src/main/java/com/openisle/controller/SitemapController.java
@@ -8,6 +8,7 @@ import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;

 import java.util.List;
@@ -17,6 +18,7 @@ import java.util.List;
 */
@RestController
@RequiredArgsConstructor
+@RequestMapping("/api")
 public class SitemapController {
    private final PostRepository postRepository;