diff --git a/report-core/pom.xml b/report-core/pom.xml
index 48bcaa76..5404d38f 100644
--- a/report-core/pom.xml
+++ b/report-core/pom.xml
@@ -88,6 +88,10 @@
org.springframework.boot
spring-boot-starter-data-redis
+
+ com.spring4all
+ swagger-spring-boot-starter
+
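Review bot: The four added lines name `com.spring4all:swagger-spring-boot-starter`, but the XML tags are lost on this page, so it cannot be told whether they declare a new `<dependency>` or an `<exclusion>` under an existing one. The comment this commit adds in TokenFilter.java says swagger-ui is being removed to close the CNVD-2024-34975 filter bypass, and only an exclusion is consistent with that. A direct dependency would put the Swagger endpoints back on the classpath, which is the opposite of the stated intent. It is worth confirming with `mvn dependency:tree` that no swagger or springfox artifact remains in report-core. An XML comment next to the entry, such as `<!-- swagger-ui removed for CNVD-2024-34975; do not re-add without updating TokenFilter -->`, would keep it from being re-added by accident.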
diff --git a/report-core/src/main/java/com/anjiplus/template/gaea/business/ReportApplication.java b/report-core/src/main/java/com/anjiplus/template/gaea/business/ReportApplication.java
index c0b5a0d1..ce50103e 100644
--- a/report-core/src/main/java/com/anjiplus/template/gaea/business/ReportApplication.java
+++ b/report-core/src/main/java/com/anjiplus/template/gaea/business/ReportApplication.java
@@ -4,7 +4,6 @@ import com.anji.plus.gaea.annotation.enabled.EnabledGaeaConfiguration;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
-import springfox.documentation.swagger2.annotations.EnableSwagger2;
/**
* 业务模板
@@ -21,7 +20,6 @@ import springfox.documentation.swagger2.annotations.EnableSwagger2;
"com.anjiplus.template.gaea.business.modules.*.**.dao",
"com.anji.plus.gaea.*.module.*.dao"
})
-@EnableSwagger2
public class ReportApplication {
public static void main( String[] args ) {
SpringApplication.run(ReportApplication.class);
diff --git a/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java b/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java
index 8459094d..e517f6dc 100644
--- a/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java
+++ b/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java
@@ -67,24 +67,24 @@ public class TokenFilter implements Filter {
HttpServletResponse response = (HttpServletResponse) servletResponse;
String uri = request.getRequestURI();
- // TODO 暂时先不校验 直接放行
- /*if (true) {
- filterChain.doFilter(request, response);
- return;
- }*/
-
//OPTIONS直接放行
if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
filterChain.doFilter(request, response);
return;
}
+ /** 修复 国家信息安全漏洞共享平台披露的漏洞 CNVD-2024-34975
+ * 避免,通过/dataSetParam/verification;swagger-ui,方式,绕过TokenFilter
+ * 当初在开发期,为方便前后联调,引入了swagger-ui,目前前后端接口基本稳定,同时考虑目前大部分aj-report没有二开能力,
+ * 我们再三斟酌,删除swagger-ui,二开的同学如有需要,自己添加。
+ */
// swagger相关的直接放行
+ /*
if (uri.contains("swagger-ui") || uri.contains("swagger-resources")) {
filterChain.doFilter(request, response);
return;
}
-
+ */
if (SLASH.equals(uri) || SLASH.concat(BusinessConstant.SLASH).equals(uri)) {
if (BusinessConstant.SLASH.equals(uri)) {