diff --git a/pqs-common/common-web/src/main/java/com/njcn/web/filter/XssRequestWrapper.java b/pqs-common/common-web/src/main/java/com/njcn/web/filter/XssRequestWrapper.java
index b3d8683be..af10bbf82 100644
--- a/pqs-common/common-web/src/main/java/com/njcn/web/filter/XssRequestWrapper.java
+++ b/pqs-common/common-web/src/main/java/com/njcn/web/filter/XssRequestWrapper.java
@@ -34,7 +34,7 @@ import java.util.stream.Stream;
 @Slf4j
 public class XssRequestWrapper extends HttpServletRequestWrapper {
 
-    private final static String[] WHITE_PARAMETER_NAME = {"password", "mxContent", "docContent", "bgImage","fileContent","flowableXml","bpmnXml","fields","definition","thumbnail"};
+    private final static String[] WHITE_PARAMETER_NAME = {"password", "mxContent", "docContent", "bgImage","fileContent","flowableXml","bpmnXml","fields","definition","thumbnail","image"};
 
 
     public XssRequestWrapper(HttpServletRequest request) {