Swagger接口未授权访问漏洞

参考博客 https://blog.csdn.net/J_com/article/details/129197536

通过下面链接可以获取到接口信息

http://ip:port/router/v2/api-docs
http://ip:port/v2/api-docs
http://ip:port/swagger-ui.html#/

处理办法，加上enable(false)或者将SwaggerConfig给注释掉，弊端就是你自己也访问不了接口文档

@Configuration
@EnableSwagger2
public class SwaggerConfig {
    
	@Bean
	public Docket createRestApi() {
		return new Docket(DocumentationType.SWAGGER_2)
			.apiInfo(apiInfo())
			.enable(false)   //加上这个
			.select()
			.apis(RequestHandlerSelectors.basePackage("com.lanren312.controller"))
			.paths(PathSelectors.any())
			.build();
	}
}