diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/XssFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/XssFilter.java
index fff24448079f8285f164f5e77de2327cd54890ca..799625f12ac0c562f743813c31731ea76c5b5a81 100644
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/XssFilter.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/XssFilter.java
@@ -2,6 +2,7 @@ package com.ruoyi.gateway.filter;
 
 import java.nio.charset.StandardCharsets;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
 import org.springframework.cloud.gateway.filter.GlobalFilter;
 import org.springframework.core.Ordered;
@@ -27,6 +28,7 @@ import reactor.core.publisher.Mono;
  * @author ruoyi
  */
 @Component
+@ConditionalOnProperty(value = "security.xss.enabled", havingValue = "true")
 public class XssFilter implements GlobalFilter, Ordered
 {
     // 跨站脚本的 xss 配置，nacos自行添加