Commit 4c84868f by bingobo

修复漏洞扫描的问题

1 parent af17bfba
......@@ -36,7 +36,7 @@
</head>
<body>
<div class="main">
<h1 class="logo"><a href="https://www.iconfont.cn/" title="iconfont 首页" target="_blank">
<h1 class="logo"><a href="https://www.iconfont.cn/" title="iconfont 首页" target="_blank" rel="noopener noreferrer" >
<img width="200" src="https://img.alicdn.com/imgextra/i3/O1CN01Mn65HV1FfSEzR6DKv_!!6000000000514-55-tps-228-59.svg">
</a></h1>
......@@ -47,7 +47,7 @@
<li class="dib"><span>Symbol</span></li>
</ul>
<a href="https://www.iconfont.cn/manage/index?manage_type=myprojects&projectId=4526834" target="_blank" class="nav-more">查看项目</a>
<a href="https://www.iconfont.cn/manage/index?manage_type=myprojects&projectId=4526834" target="_blank" rel="noopener noreferrer" class="nav-more">查看项目</a>
</div>
<div class="tab-container">
......
// onlyoffice 文档url
export const documentServerUrl = 'http://192.168.0.120/'
export const documentServerUrl2 = 'http://192.168.0.120:18050/'
// export const documentServerUrl = 'http://192.168.0.120/'
// export const documentServerUrl2 = 'http://192.168.0.120:18050/'
// 元素颜色配置
// '业务架构元素': '#d2edfd', '应用架构元素': '#a0ce62', '数据架构元素': '#fbe8d0', '技术架构元素': '#e4d3fc', '安全架构元素': '#fffe55'
......
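Review bot: With both `export const` lines commented out, this module no longer exports `documentServerUrl` or `documentServerUrl2`, so any remaining `import { documentServerUrl }` elsewhere (not visible on this page) would resolve to `undefined` at runtime. If the scanner finding was the hard-coded plaintext `http://` address, reading the value from build configuration keeps the interface intact, e.g. `export const documentServerUrl = process.env.VUE_APP_DOCUMENT_SERVER_URL` (the variable name is a placeholder). The old address also stays in the source as a comment; deleting the lines instead of commenting them removes it from the working tree.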
......@@ -568,7 +568,22 @@ export default {
this.dialog = false
},
handleImageClick() {},
// 添加文件名验证方法
sanitizeFileName(fileName) {
// 定义允许的字符白名单
const safePattern = /^[a-zA-Z0-9\-_\. \u4e00-\u9fa5]+$/;
// 如果文件名不符合白名单要求,使用默认文件名
if (!safePattern.test(fileName)) {
console.warn('文件名包含不安全字符,已替换为默认文件名');
return 'download';
}
return fileName;
},
async handleClickXZ(scope) {
// 添加文件名验证
const safeFileName = this.sanitizeFileName(scope.fileName);
let response = await downloadObject({
fileId: scope.fileId * 1,
})
......@@ -576,7 +591,8 @@ export default {
let blob = new Blob([response])
if ('download' in document.createElement('a')) {
let elink = document.createElement('a')
elink.download = scope.fileName
elink.download = safeFileName // 使用经过净化的文件名
// elink.download = scope.fileName
elink.style.display = 'none'
elink.href = URL.createObjectURL(blob)
document.body.appendChild(elink)
......
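Review bot: `sanitizeFileName` rejects the whole name instead of repairing it, and the fallback `'download'` carries no extension, so a legitimate name with one character outside the allowlist (parentheses, full-width punctuation, `+`) is saved as an extension-less file. The pattern also accepts names made only of dots or spaces and places no constraint on the extension, and `test()` coerces a non-string argument (an `undefined` name passes as the text "undefined"). Replacing disallowed characters one by one keeps the extension and handles missing input, e.g. `return String(fileName ?? '').replace(/[^a-zA-Z0-9\-_. \u4e00-\u9fa5]/g, '_') || 'download';`. The identical method is added to seven more components further down in this commit, so a single shared helper imported by each would keep the rule in one place. `handleClickXZ` continues past the end of the second hunk.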
......@@ -889,14 +889,30 @@ export default {
}
return ''
},
// 添加文件名验证方法
sanitizeFileName(fileName) {
// 定义允许的字符白名单
const safePattern = /^[a-zA-Z0-9\-_\. \u4e00-\u9fa5]+$/;
// 如果文件名不符合白名单要求,使用默认文件名
if (!safePattern.test(fileName)) {
console.warn('文件名包含不安全字符,已替换为默认文件名');
return 'download';
}
return fileName;
},
async handleClickXZ(fileId, fileName) {
// 添加文件名验证
const safeFileName = this.sanitizeFileName(fileName);
let response = await downloadObject({
fileId: fileId * 1,
})
let blob = new Blob([response])
if ('download' in document.createElement('a')) {
let elink = document.createElement('a')
elink.download = fileName
elink.download = safeFileName // 使用经过净化的文件名
// elink.download = fileName
elink.style.display = 'none'
elink.href = URL.createObjectURL(blob)
document.body.appendChild(elink)
......
......@@ -625,7 +625,7 @@ export default {
dataList2.forEach((item, index) => {
item["key"] = index + 1;
});
console.log(66666, dataList1, dataList2);
// console.log(66666, dataList1, dataList2);
this.timeLineDataList1 = dataList1;
this.timeLineDataList2 = dataList2;
} else {
......@@ -653,13 +653,13 @@ export default {
},
// 放大图片
handlePictureCardPreview(file) {
console.log('点击放大')
// console.log('点击放大')
this.dialogImageUrl = file
this.dialogVisible = true
},
// 删除图片
handleRemove(file, fileList) {
console.log(fileList, 'this.fileList')
// console.log(fileList, 'this.fileList')
if (this.fileList.length == 0) {
this.fileList = []
} else {
......@@ -685,7 +685,7 @@ export default {
this.file = file
const isJPG = file.type === 'image/jpeg' || file.type === 'image/png'
const isLt2M = this.file.size / 1024 < 1000
console.log(this.file.size / 1024, 'this.file.size this.file.size ')
// console.log(this.file.size / 1024, 'this.file.size this.file.size ')
if (!isJPG) {
this.$message.error('上传图片只能是 JPG 或 PNG 格式!')
this.hideUploadEdit = false
......@@ -705,7 +705,7 @@ export default {
},
showFullScreen() {
console.log(this.fileList, '4444')
// console.log(this.fileList, '4444')
this.fullURL = this.fileList[0].url
this.dialogVisible = true
},
......@@ -714,7 +714,7 @@ export default {
},
changexm(row, typeCode) {
this.downloadObject(this.options[row], typeCode)
console.log(row, '换文件')
// console.log(row, '换文件')
},
async init(type) {
let params = {
......@@ -817,7 +817,7 @@ export default {
Promise.all([selFile(params), selWtqdFZ(params)]).then(async (res) => {
this.$nextTick(() => { // 以服务的方式调用的 Loading 需要异步关闭
if(type=='work'){
console.log('走了关闭')
// console.log('走了关闭')
loadingInstance.close();
}
});
......@@ -957,7 +957,7 @@ export default {
this.options = []
this.valuesel = ''
this.iframeUrl = ''
console.log('切换', tab.index)
// console.log('切换', tab.index)
let resList = await selFileList({
...params,
typeCode: this.tabListKY[tab.index].typeCode,
......@@ -972,7 +972,7 @@ export default {
}
},
change(id) {
console.log(this.hgx,'2222')
// console.log(this.hgx,'2222')
if (JSON.stringify(this.questionList) == JSON.stringify(this.oldQuestionList)) {
this.active = id * 1
......@@ -995,7 +995,7 @@ export default {
this.save('3', id)
})
.catch((action) => {
console.log(action, 'actionaction')
// console.log(action, 'actionaction')
if (action === 'cancel') {
this.active = id * 1
// this.tabListKY = MaterialsListKY(id * 1 + 1);
......@@ -1029,7 +1029,7 @@ export default {
},
addInput(item) {
if (item.evalList[0].disabled == true) {
console.log('选择了未发现问题')
// console.log('选择了未发现问题')
return
}
......@@ -1085,13 +1085,13 @@ export default {
// throw new Error();
// }
// });
console.log(this.questionList, 'questionList')
// console.log(this.questionList, 'questionList')
let params = {
list: this.questionList,
...this.clqparams,
}
console.log(params, '保存')
// console.log(params, '保存')
// return
let res = await bcevalQuesInfo(params)
......@@ -1118,19 +1118,19 @@ export default {
}
},
fileupdate(res, items) {
console.log(this.file.size / 1024, '222222')
// console.log(this.file.size / 1024, '222222')
this.file = res.file
this.submitFile(res, items)
},
submitFile(item, list) {
console.log(list, 'list')
console.log(this.file, '多少k')
// console.log(list, 'list')
// console.log(this.file, '多少k')
if (this.file) {
const formData = new FormData()
formData.append('file', this.file)
ossupload(formData)
.then((response) => {
console.log(response, '上传图片')
// console.log(response, '上传图片')
if (response.code == '200') {
// list.url = response.data.downLoadUrl;
// list.fileId= response.data.fileId
......@@ -1142,7 +1142,7 @@ export default {
}
})
.catch((error) => {
console.error(error)
// console.error(error)
this.$message('上传失败')
})
}
......
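Review bot: The debug output in this file is commented out rather than deleted, which leaves a few dozen dead lines here and in the later sections and does nothing to stop the next `console.log(params)` or `console.log(response)` from being added. Deleting the statements and enforcing the rule mechanically is more durable: ESLint's `no-console` rule catches new ones in review, and terser's `drop_console` compress option strips them from production bundles. The same commit adds a live `console.warn` in each `sanitizeFileName`, so the policy should say whether warnings are meant to survive. Several of the methods touched here begin or end outside their hunks.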
......@@ -667,13 +667,13 @@ export default {
// 有url拆分调接口换预览
if (urlStr) {
console.log(urlStr, 'urlStr')
// console.log(urlStr, 'urlStr')
if (urlStr.includes(',')) {
arrUrl = item.url.split(',')
} else {
arrUrl.push(urlStr)
}
console.log(arrUrl, 'arrUrlarrUrl')
// console.log(arrUrl, 'arrUrlarrUrl')
arrUrl.forEach(async (showUrl) => {
let paramsUrl = {
url: showUrl,
......@@ -681,7 +681,7 @@ export default {
let resUrl = await presignedUrl(paramsUrl)
showUrlList.push(resUrl.msg)
})
console.log(showUrlList, 'showUrlList')
// console.log(showUrlList, 'showUrlList')
this.$set(item, 'images', showUrlList)
}
......@@ -694,7 +694,7 @@ export default {
}
},
fileupdate(items, list) {
console.log(items, list, 'list')
// console.log(items, list, 'list')
this.fileList.push(list.file)
this.debounce(this.submitFile, 500, items)
},
......@@ -709,7 +709,7 @@ export default {
}, waits)
},
submitFile() {
console.log(arguments[2], 'arguments')
// console.log(arguments[2], 'arguments')
if (this.fileList.length === 0) {
this.$message.success('请上传文件')
return
......@@ -729,7 +729,7 @@ export default {
this.fileList = []
this.confirm()
// this.MaterialWarehous(this.upprojectType);
console.log(this.$refs.upload, 'this.$refs.upload')
// console.log(this.$refs.upload, 'this.$refs.upload')
this.$refs.upload.clearFiles()
this.$message('上传成功')
} else {
......@@ -774,13 +774,13 @@ export default {
}
},
closed() {
console.log('关闭')
// console.log('关闭')
this.handleSelectionChange()
},
async saveSS() {
const confirmStatusArr = this.tableDataQR.filter(item => item.confirmStatus == 1)
const nullFeedBack = confirmStatusArr.filter(item => !item.feedback?.trim())
console.log('保存--this.tableDataQR', this.tableDataQR, confirmStatusArr, nullFeedBack);
// console.log('保存--this.tableDataQR', this.tableDataQR, confirmStatusArr, nullFeedBack);
if (nullFeedBack.length > 0) {
this.$message.warning('整改说明(申述必填)');
return
......@@ -797,7 +797,7 @@ export default {
async saveSubmit() {
const confirmStatusArr = this.tableDataQR.filter(item => item.confirmStatus == 1)
const nullFeedBack = confirmStatusArr.filter(item => !item.feedback?.trim())
console.log('提交--this.tableDataQR', this.tableDataQR, confirmStatusArr, nullFeedBack);
// console.log('提交--this.tableDataQR', this.tableDataQR, confirmStatusArr, nullFeedBack);
if (nullFeedBack.length > 0) {
this.$message.warning('整改说明(申述必填)');
return
......@@ -828,7 +828,7 @@ export default {
},
//问题确认开关
controlSwitch(val, row) {
console.log('333', val, row)
// console.log('333', val, row)
},
async submitForm(info) {
if(info==999){
......@@ -840,7 +840,7 @@ export default {
module: 0,
}
Object.assign(params, this.ruleForm)
console.log(params)
// console.log(params)
let res = await evaluationMaterials(params)
......@@ -962,21 +962,21 @@ export default {
}
},
handleSizeChange(val) {
console.log(`每页 ${val} 条`)
// console.log(`每页 ${val} 条`)
this.pageSize = val
this.submitForm()
},
handleCurrentChange(val) {
console.log(`当前页: ${val}`)
// console.log(`当前页: ${val}`)
this.currentPage = val
this.submitForm()
},
handleSizeChangetjcl(val) {
console.log(`每页 ${val} 条`)
// console.log(`每页 ${val} 条`)
this.pageSizetjcl = val
},
handleCurrentChangetjcl(val) {
console.log(`当前页: ${val}`)
// console.log(`当前页: ${val}`)
this.currentPagetjcl = val
},
cancel() {
......@@ -988,7 +988,7 @@ export default {
// this.dialogXQ = false;
},
closeDialog() {
console.log('guanbi')
// console.log('guanbi')
this.showButton = true
},
async save(type) {
......@@ -1001,7 +1001,7 @@ export default {
this.resetForm()
},
handleFileUploadZG(event, row, id) {
console.log('来了么')
// console.log('来了么')
this.file = event.target.files[0]
this.submitFileZG(row, id)
},
......@@ -1021,7 +1021,7 @@ export default {
formData.append('bathId', this.checkedList[0].batchId)
ossuploadStr(formData)
.then((response) => {
console.log(response, '试试')
// console.log(response, '试试')
this.fileList = []
let fileId = ''
response.data.list.forEach((item) => {
......@@ -1031,7 +1031,7 @@ export default {
this.$set(row, type, fileId)
})
.catch((error) => {
console.error(error)
// console.error(error)
})
} else {
this.$message('请先选择文件')
......@@ -1039,18 +1039,18 @@ export default {
},
submitFileZG(row, type) {
// return;
console.log(row)
// console.log(row)
if (this.file) {
const formData = new FormData()
formData.append('file', this.file)
ossupload(formData)
.then((response) => {
console.log(response)
// console.log(response)
this.file = []
this.$set(row, type, response.data.fileId)
})
.catch((error) => {
console.error(error)
// console.error(error)
})
} else {
this.$message('请先选择文件')
......@@ -1060,15 +1060,31 @@ export default {
// 提交保存成功后清空已上传的文件
this.$refs.upload.clearFiles()
},
// 添加文件名验证方法
sanitizeFileName(fileName) {
// 定义允许的字符白名单
const safePattern = /^[a-zA-Z0-9\-_\. \u4e00-\u9fa5]+$/;
// 如果文件名不符合白名单要求,使用默认文件名
if (!safePattern.test(fileName)) {
console.warn('文件名包含不安全字符,已替换为默认文件名');
return 'download';
}
return fileName;
},
async handleClickXZ(scope) {
console.log(scope.fileId)
// console.log(scope.fileId)
// 添加文件名验证
const safeFileName = this.sanitizeFileName(scope.fileName);
let response = await downloadObject({
fileId: scope.fileId * 1,
})
let blob = new Blob([response])
if ('download' in document.createElement('a')) {
let elink = document.createElement('a')
elink.download = scope.fileName
elink.download = safeFileName // 使用经过净化的文件名
// elink.download = scope.fileName
elink.style.display = 'none'
elink.href = URL.createObjectURL(blob)
document.body.appendChild(elink)
......@@ -1078,7 +1094,7 @@ export default {
}
},
handleMouseEnter(msg) {
console.log(this.$refs[msg], 'this.$refs[msg].style')
// console.log(this.$refs[msg], 'this.$refs[msg].style')
// this.$refs[msg].style.whiteSpace = 'normal';
},
handleMouseLeave(msg) {
......
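Review bot: The `.catch((error) => { ... })` handlers after `ossuploadStr(formData)` (hunk @@ -1031) and after `ossupload(formData)` in `submitFileZG` (hunk @@ -1039) are now empty, because their only statement, `console.error(error)`, was commented out. A failed upload is therefore swallowed with no feedback to the user and no trace for whoever investigates it. Keep a user-visible failure path in each handler, for example `this.$message('上传失败')` as the `submitFile` handler in the previous component does. The same empty `catch` results from the hunks @@ -614 and @@ -627 in the two later components.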
......@@ -570,7 +570,22 @@ export default {
this.dialog = false
},
handleImageClick() {},
// 添加文件名验证方法
sanitizeFileName(fileName) {
// 定义允许的字符白名单
const safePattern = /^[a-zA-Z0-9\-_\. \u4e00-\u9fa5]+$/;
// 如果文件名不符合白名单要求,使用默认文件名
if (!safePattern.test(fileName)) {
console.warn('文件名包含不安全字符,已替换为默认文件名');
return 'download';
}
return fileName;
},
async handleClickXZ(scope) {
// 添加文件名验证
const safeFileName = this.sanitizeFileName(scope.fileName);
let response = await downloadObject({
fileId: scope.fileId * 1,
})
......@@ -578,7 +593,8 @@ export default {
let blob = new Blob([response])
if ('download' in document.createElement('a')) {
let elink = document.createElement('a')
elink.download = scope.fileName
elink.download = safeFileName // 使用经过净化的文件名
// elink.download = scope.fileName
elink.style.display = 'none'
elink.href = URL.createObjectURL(blob)
document.body.appendChild(elink)
......
......@@ -888,14 +888,30 @@ export default {
}
return ''
},
// 添加文件名验证方法
sanitizeFileName(fileName) {
// 定义允许的字符白名单
const safePattern = /^[a-zA-Z0-9\-_\. \u4e00-\u9fa5]+$/;
// 如果文件名不符合白名单要求,使用默认文件名
if (!safePattern.test(fileName)) {
console.warn('文件名包含不安全字符,已替换为默认文件名');
return 'download';
}
return fileName;
},
async handleClickXZ(fileId, fileName) {
// 添加文件名验证
const safeFileName = this.sanitizeFileName(fileName);
let response = await downloadObject({
fileId: fileId * 1,
})
let blob = new Blob([response])
if ('download' in document.createElement('a')) {
let elink = document.createElement('a')
elink.download = fileName
elink.download = safeFileName // 使用经过净化的文件名
// elink.download = fileName
elink.style.display = 'none'
elink.href = URL.createObjectURL(blob)
document.body.appendChild(elink)
......
......@@ -783,7 +783,7 @@ export default {
};
const res = await milestonesGetList(params);
if (res.data.code === 200) {
console.log(111);
// console.log(111);
// const mockdata = {
// code: 200,
// msg: "操作成功!",
......@@ -858,7 +858,7 @@ export default {
dataList2.forEach((item, index) => {
item["key"] = index + 1;
});
console.log(66666, dataList1, dataList2);
// console.log(66666, dataList1, dataList2);
this.timeLineDataList1 = dataList1;
this.timeLineDataList2 = dataList2;
} else {
......@@ -881,12 +881,12 @@ export default {
zoomIn() {
const iframe = this.$refs.pdfIframe[0];
const pdfWindow = iframe.contentWindow;
console.log("pdfWindow", iframe, pdfWindow);
// console.log("pdfWindow", iframe, pdfWindow);
// 假设 PDF.js 已经加载并且可以访问
if (pdfWindow.PDFViewerApplication) {
pdfWindow.PDFViewerApplication.zoomIn(); // 调用 PDF.js 的放大方法
} else {
console.error("PDF.js is not loaded.");
// console.error("PDF.js is not loaded.");
window.open(this.iframeUrl);
}
},
......@@ -909,13 +909,13 @@ export default {
},
// 放大图片
handlePictureCardPreview(file) {
console.log("点击放大");
// console.log("点击放大");
this.dialogImageUrl = file;
this.dialogVisible = true;
},
// 删除图片
handleRemove(file, fileList) {
console.log(fileList, "this.fileList");
// console.log(fileList, "this.fileList");
if (this.fileList.length == 0) {
this.fileList = [];
} else {
......@@ -941,7 +941,7 @@ export default {
this.file = file;
const isJPG = file.type === "image/jpeg" || file.type === "image/png";
const isLt2M = this.file.size / 1024 < 1000;
console.log(this.file.size / 1024, "this.file.size this.file.size ");
// console.log(this.file.size / 1024, "this.file.size this.file.size ");
if (!isJPG) {
this.$message.error("上传图片只能是 JPG 或 PNG 格式!");
this.hideUploadEdit = false;
......@@ -961,7 +961,7 @@ export default {
},
showFullScreen() {
console.log(this.fileList, "4444");
// console.log(this.fileList, "4444");
this.fullURL = this.fileList[0].url;
this.dialogVisible = true;
},
......@@ -970,7 +970,7 @@ export default {
},
changexm(row, typeCode) {
this.downloadObject(this.options[row], typeCode);
console.log(row, "换文件");
// console.log(row, "换文件");
},
async init(type) {
let params = {
......@@ -1059,7 +1059,7 @@ export default {
text: "智能分析中,请耐心等候...", //显示在加载图标下方的加载文案
background: "rgba(0,0,0,.7)", //遮罩背景色
};
console.log(2222, this.clqparams);
// console.log(2222, this.clqparams);
let params = {
projectStage: this.active * 1 + 1,
// hgx: 'hgx',
......@@ -1073,12 +1073,12 @@ export default {
if ((this.hgx = "hgx")) {
params.hgx = "hgx";
}
console.log(111111, params);
// console.log(111111, params);
Promise.all([selFile(params), selWtqdFZ(params)]).then(async (res) => {
this.$nextTick(() => {
// 以服务的方式调用的 Loading 需要异步关闭
if (type == "work") {
console.log("走了关闭");
// console.log("走了关闭");
loadingInstance.close();
}
});
......@@ -1236,7 +1236,7 @@ export default {
this.options = [];
this.valuesel = "";
this.iframeUrl = "";
console.log("切换", tab.index);
// console.log("切换", tab.index);
let resList = await selFileList({
...params,
typeCode: this.tabListKY[tab.index].typeCode,
......@@ -1254,7 +1254,7 @@ export default {
}
},
change(id) {
console.log(this.hgx, "3");
// console.log(this.hgx, "3");
if (
JSON.stringify(this.questionList) ==
......@@ -1281,7 +1281,7 @@ export default {
this.save("3", id);
})
.catch((action) => {
console.log(action, "actionaction");
// console.log(action, "actionaction");
if (action === "cancel") {
this.active = id * 1;
// this.tabListKY = MaterialsListKY(id * 1 + 1);
......@@ -1304,7 +1304,7 @@ export default {
item.evalList.splice(index, 1);
},
adopt(item, index, items) {
console.log(item, "采纳");
// console.log(item, "采纳");
if (item.evalList.length == 1 && !item.evalList[0].evalQues) {
item.evalList[0].evalQues = items;
} else {
......@@ -1316,7 +1316,7 @@ export default {
},
addInput(item) {
if (item.evalList[0].disabled == true) {
console.log("选择了未发现问题");
// console.log("选择了未发现问题");
return;
}
......@@ -1361,13 +1361,13 @@ export default {
const isProblem = item.evalList.filter((v) => v.evalQues).length;
item.isProblem = isProblem > 0 ? 1 : 0;
});
console.log(this.questionList, "questionList");
// console.log(this.questionList, "questionList");
let params = {
list: this.questionList,
...this.clqparams,
};
console.log(params, "保存");
// console.log(params, "保存");
// return
let res = await bcevalQuesInfo(params);
......@@ -1398,14 +1398,14 @@ export default {
this.submitFile(res, items);
},
submitFile(item, list) {
console.log(list, "list");
console.log(this.file, "多少k");
// console.log(list, "list");
// console.log(this.file, "多少k");
if (this.file) {
const formData = new FormData();
formData.append("file", this.file);
ossupload(formData)
.then((response) => {
console.log(response, "上传图片");
// console.log(response, "上传图片");
if (response.code == "200") {
// list.url = response.data.downLoadUrl;
// list.fileId= response.data.fileId
......@@ -1417,7 +1417,7 @@ export default {
}
})
.catch((error) => {
console.error(error);
// console.error(error);
this.$message("上传失败");
});
}
......
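Review bot: The context line `if ((this.hgx = "hgx")) {` in the @@ -1073 hunk assigns instead of comparing, so the condition is always truthy, `params.hgx` is always set, and `this.hgx` is overwritten on every call. The commit edits the lines directly around it without addressing this; presumably a comparison was intended, `if (this.hgx === "hgx") {`. The enclosing method starts and ends outside the hunk, so confirm the intended value of `this.hgx` against its callers before changing it.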
......@@ -1509,15 +1509,31 @@ export default {
// 提交保存成功后清空已上传的文件
this.$refs.upload.clearFiles()
},
// 添加文件名验证方法
sanitizeFileName(fileName) {
// 定义允许的字符白名单
const safePattern = /^[a-zA-Z0-9\-_\. \u4e00-\u9fa5]+$/;
// 如果文件名不符合白名单要求,使用默认文件名
if (!safePattern.test(fileName)) {
console.warn('文件名包含不安全字符,已替换为默认文件名');
return 'download';
}
return fileName;
},
async handleClickXZ(scope) {
console.log(scope.fileId)
// console.log(scope.fileId)
// 添加文件名验证
const safeFileName = this.sanitizeFileName(scope.fileName);
let response = await downloadObject({
fileId: scope.fileId * 1,
})
let blob = new Blob([response])
if ('download' in document.createElement('a')) {
let elink = document.createElement('a')
elink.download = scope.fileName
elink.download = safeFileName // 使用经过净化的文件名
// elink.download = scope.fileName
elink.style.display = 'none'
elink.href = URL.createObjectURL(blob)
document.body.appendChild(elink)
......
......@@ -648,7 +648,7 @@ export default {
},
async delFiles(row) {
this.filesTableData = []
console.log(row, "6666666666666");
// console.log(row, "6666666666666");
const { fullName, fullId } = row
const ids = fullId.split(',')
const names = fullName.split(',')
......
......@@ -65,8 +65,8 @@
<script>
import { trendsRules } from "@/utils/leftBarRules";
import { getIscInfo, evaluationMaterials } from "@/api/index";
import Cookies from 'js-cookie';
// import { getIscInfo, evaluationMaterials } from "@/api/index";
// import Cookies from 'js-cookie';
export default {
data() {
return {
......@@ -96,7 +96,7 @@ export default {
},
watch: {
wholeRoutes(newVale, oldVale) {
console.log('newVale', newVale);
// console.log('newVale', newVale);
this.souYeRoute = newVale.souYeRoute
this.menuList = newVale.restRoutes
},
......
......@@ -614,7 +614,7 @@ export default {
// console.log(this.XQtableData,'XQtableDataXQtableData')
})
.catch((error) => {
console.error(error);
// console.error(error);
});
} else {
this.$message("请先选择文件");
......@@ -624,14 +624,30 @@ export default {
controlSwitch(val, row) {
// console.log("333", val, row);
},
// 添加文件名验证方法
sanitizeFileName(fileName) {
// 定义允许的字符白名单
const safePattern = /^[a-zA-Z0-9\-_\. \u4e00-\u9fa5]+$/;
// 如果文件名不符合白名单要求,使用默认文件名
if (!safePattern.test(fileName)) {
console.warn('文件名包含不安全字符,已替换为默认文件名');
return 'download';
}
return fileName;
},
async handleClickXZ(fileId, fileName) {
// 添加文件名验证
const safeFileName = this.sanitizeFileName(fileName);
let response = await downloadObject({
fileId: fileId * 1,
});
let blob = new Blob([response]);
if ("download" in document.createElement("a")) {
let elink = document.createElement("a");
elink.download = fileName;
elink.download = safeFileName // 使用经过净化的文件名
// elink.download = fileName;
elink.style.display = "none";
elink.href = URL.createObjectURL(blob);
document.body.appendChild(elink);
......
......@@ -493,14 +493,30 @@ this.dialog = true;
}
return "";
},
// 添加文件名验证方法
sanitizeFileName(fileName) {
// 定义允许的字符白名单
const safePattern = /^[a-zA-Z0-9\-_\. \u4e00-\u9fa5]+$/;
// 如果文件名不符合白名单要求,使用默认文件名
if (!safePattern.test(fileName)) {
console.warn('文件名包含不安全字符,已替换为默认文件名');
return 'download';
}
return fileName;
},
async handleClickXZ(fileId, fileName) {
// 添加文件名验证
const safeFileName = this.sanitizeFileName(fileName);
let response = await downloadObject({
fileId: fileId * 1,
});
let blob = new Blob([response]);
if ("download" in document.createElement("a")) {
let elink = document.createElement("a");
elink.download = fileName;
elink.download = safeFileName // 使用经过净化的文件名
// elink.download = fileName;
elink.style.display = "none";
elink.href = URL.createObjectURL(blob);
document.body.appendChild(elink);
......@@ -627,7 +643,7 @@ this.dialog = true;
})
.catch((error) => {
console.error(error);
// console.error(error);
});
} else {
this.$message("请先选择文件");
......
......@@ -4,7 +4,8 @@ const { defineConfig } = require('@vue/cli-service')
// const ip = '172.20.10.9'; // 何鹏
// const ip = '192.168.0.120';
// const ip = '192.168.50.1';
const ip = '192.168.145.116';
// const ip = '192.168.145.116';
// const ip = '192.168.27.116';
module.exports = defineConfig({
transpileDependencies: true,
//如果是hash模式, publicPath:"";如果是history, publicPath:"/"
......@@ -18,7 +19,7 @@ module.exports = defineConfig({
proxy: {
'/arch-evaluation':{
// target: `http://192.168.69.1:18102`, // pin
target: `http://192.168.27.116:18000/tools`, // pin
target: `http://${ip}:18000/tools`, // pin
changeOrigin: true,
pathRewrite:{
"^/arch-evaluation":"/"
......
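Review bot: After this change no active declaration of `ip` is visible: the only live line, `const ip = '192.168.145.116';`, is commented out, the added `// const ip = '192.168.27.116';` is a comment as well, and the proxy target now reads `http://${ip}:18000/tools`. Unless `ip` is declared in the three lines above the first hunk, evaluating the config throws a ReferenceError and the dev server will not start. Declare it once from the environment with a local fallback, e.g. `const ip = process.env.DEV_PROXY_HOST || '127.0.0.1';` (the variable name is a placeholder), which also keeps individual developers' internal addresses out of the repository. `defineConfig({ ... })` continues outside both hunks.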