diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 90151efca..4faa42107 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -23,17 +23,21 @@ class ApplicationController < ActionController::Base
 
 	# 所有请求必须合法签名
 	def check_sign
-		Rails.logger.info("66666  #{params}")
-		if params[:client_key].present?
-			randomcode = params[:randomcode]
-			tip_exception(501, "请求不合理") unless (Time.now.to_i - randomcode.to_i).between?(0,5)
-
-			sign = Digest::MD5.hexdigest("#{OPENKEY}#{randomcode}")
-			Rails.logger.info("2222  #{sign}")
-			tip_exception(501, "请求不合理") if sign != params[:client_key]
-		else
-			tip_exception(501, "请求不合理")
-		end
+		# Rails.logger.info("66666  #{params}")
+		# suffix = request.url.split(".").last
+		# suffix_arr = ["xls", "xlsx"] # excel文件先注释
+		# unless suffix_arr.include?(suffix)
+		# 	if params[:client_key].present?
+		# 		randomcode = params[:randomcode]
+		# 		tip_exception(501, "请求不合理") unless (Time.now.to_i - randomcode.to_i).between?(0,5)
+		#
+		# 		sign = Digest::MD5.hexdigest("#{OPENKEY}#{randomcode}")
+		# 		Rails.logger.info("2222  #{sign}")
+		# 		tip_exception(501, "请求不合理") if sign != params[:client_key]
+		# 	else
+		# 		tip_exception(501, "请求不合理")
+		# 	end
+		# end
 	end
 
 	# 全局配置参数
diff --git a/app/controllers/attachments_controller.rb b/app/controllers/attachments_controller.rb
index 46fa024db..e0dd71467 100644
--- a/app/controllers/attachments_controller.rb
+++ b/app/controllers/attachments_controller.rb
@@ -5,7 +5,7 @@ class AttachmentsController < ApplicationController
   before_action :require_login, :check_auth, except: [:show]
   before_action :find_file, only: %i[show destroy]
   before_action :attachment_candown, only: [:show]
-  skip_before_action :check_sign, only: [:show]
+  skip_before_action :check_sign, only: [:show, :create]
 
   include ApplicationHelper