From bda41c34e513c0be1f23b1741f5823112bce71ec Mon Sep 17 00:00:00 2001
From: "iVampireSP.com" <im@ivampiresp.com>
Date: Tue, 14 Feb 2023 20:11:32 +0800
Subject: [PATCH] =?UTF-8?q?=E6=94=B9=E8=BF=9B=20=E6=B5=8B=E8=AF=95?=
 =?UTF-8?q?=E7=8E=AF=E5=A2=83=E4=B8=8D=E7=94=9F=E6=95=88?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/Http/Middleware/Admin/ValidateReferer.php | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/app/Http/Middleware/Admin/ValidateReferer.php b/app/Http/Middleware/Admin/ValidateReferer.php
index 5029d29..f883d17 100644
--- a/app/Http/Middleware/Admin/ValidateReferer.php
+++ b/app/Http/Middleware/Admin/ValidateReferer.php
@@ -13,16 +13,19 @@ class ValidateReferer
     /**
      * Handle an incoming request.
      *
-     * @param  Request  $request
+     * @param Request                                       $request
      * @param Closure(Request): (Response|RedirectResponse) $next
+     *
      * @return mixed
      */
     public function handle(Request $request, Closure $next): mixed
     {
-        // return $next($request);
+        if (app()->environment('local')) {
+            return $next($request);
+        }
 
         // 如果 referer 不为空，且不是来自本站的请求，则返回 403
-        if ($request->headers->get('referer') && ! Str::contains($request->headers->get('referer'), config('app.url'))) {
+        if ($request->headers->get('referer') && !Str::contains($request->headers->get('referer'), config('app.url'))) {
             abort(403, '来源不属于后台。');
         } else {
             return $next($request);