diff --git a/public/static/admin.js b/public/static/admin.js
index bdef53490d..0b72b1848e 100644
--- a/public/static/admin.js
+++ b/public/static/admin.js
@@ -401,6 +401,7 @@ $(function () {
             window.onhashchange = function () {
                 var hash = location.hash || '', node;
                 if (hash.length < 1) return $('[data-menu-node]:first').trigger('click');
+                if (/^#(https?:)?\/\//.test(hash)) return $.msg.tips('禁止访问外部链接！');
                 // $.msg.page.show(),$.form.load(hash, {}, 'get', $.msg.page.hide, true),that.syncOpenStatus(2);
                 $.form.load(hash, {}, 'get', false, !$.msg.page.stat()), that.syncOpenStatus(2);
                 /*! 菜单选择切换 */