diff --git a/ruoyi-common/ruoyi-common-web/src/main/java/org/dromara/common/web/filter/XssFilter.java b/ruoyi-common/ruoyi-common-web/src/main/java/org/dromara/common/web/filter/XssFilter.java
index 6571deaf..7f7b4de8 100644
--- a/ruoyi-common/ruoyi-common-web/src/main/java/org/dromara/common/web/filter/XssFilter.java
+++ b/ruoyi-common/ruoyi-common-web/src/main/java/org/dromara/common/web/filter/XssFilter.java
@@ -1,9 +1,9 @@
 package org.dromara.common.web.filter;
 
+import cn.hutool.core.collection.CollUtil;
 import jakarta.servlet.*;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
-import org.dromara.common.core.utils.ServletUtils;
 import org.dromara.common.core.utils.SpringUtils;
 import org.dromara.common.core.utils.StringUtils;
 import org.dromara.common.web.config.properties.XssProperties;
@@ -25,17 +25,7 @@ public class XssFilter implements Filter {
     public List<String> excludes = new ArrayList<>();
 
     @Override
-    public void init(FilterConfig filterConfig) throws ServletException {
-        XssProperties properties = SpringUtils.getBean(XssProperties.class);
-        HttpServletRequest request = ServletUtils.getRequest();
-        // 从请求头获取gateway转发的服务前缀
-        String prefix = StringUtils.blankToDefault(request.getHeader("X-Forwarded-Prefix"), "");
-        List<String> excludeUrls = properties.getExcludeUrls()
-            .stream()
-            .filter(x -> StringUtils.startsWith(x, prefix))
-            .map(x -> x.replaceFirst(prefix, StringUtils.EMPTY))
-            .toList();
-        excludes.addAll(excludeUrls);
+    public void init(FilterConfig filterConfig) {
     }
 
     @Override
@@ -58,6 +48,16 @@ public class XssFilter implements Filter {
         if (method == null || HttpMethod.GET.matches(method) || HttpMethod.DELETE.matches(method)) {
             return true;
         }
+        if (CollUtil.isEmpty(excludes)) {
+            XssProperties properties = SpringUtils.getBean(XssProperties.class);
+            // 从请求头获取gateway转发的服务前缀
+            String prefix = StringUtils.blankToDefault(request.getHeader("X-Forwarded-Prefix"), "");
+            List<String> excludeUrls = properties.getExcludeUrls().stream()
+                .filter(x -> StringUtils.startsWith(x, prefix))
+                .map(x -> x.replaceFirst(prefix, StringUtils.EMPTY))
+                .toList();
+            excludes.addAll(excludeUrls);
+        }
         return StringUtils.matches(url, excludes);
     }