漏洞修改
This commit is contained in:
jiang
parent
5eb17ccce9
commit
f8b88ea99d
20
index.html
20
index.html
|
|
@ -156,13 +156,25 @@
|
||||||
}, function (result) {
|
}, function (result) {
|
||||||
console.log(result);
|
console.log(result);
|
||||||
if (result.code === 200) {
|
if (result.code === 200) {
|
||||||
var url = window.location.href; //获取当前页面的url
|
// 使用 URL API 解析
|
||||||
if (url.indexOf("?") != -1) { //判断是否存在参数
|
var currentUrl = new URL(window.location.href);
|
||||||
url = url.replace(/(\?|#)[^'"]*/, ''); //去除参数
|
|
||||||
window.history.pushState({}, 0, url);
|
// 协议检查,拒绝 javascript: 等危险协议
|
||||||
|
if (currentUrl.protocol !== "http:" && currentUrl.protocol !== "https:") {
|
||||||
|
console.warn("非法协议,拒绝处理: " + currentUrl.protocol);
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// 如果有 query 参数或者 hash,就清理掉
|
||||||
|
if (currentUrl.search || currentUrl.hash) {
|
||||||
|
var cleanUrl = currentUrl.origin + currentUrl.pathname;
|
||||||
|
window.history.pushState({}, "", cleanUrl);
|
||||||
|
}
|
||||||
|
|
||||||
|
// 初始化页面
|
||||||
initPage(miniAdmin);
|
initPage(miniAdmin);
|
||||||
} else if (result.code === 401) {
|
} else if (result.code === 401) {
|
||||||
|
// 登录过期或无权限
|
||||||
closeWindowOpen();
|
closeWindowOpen();
|
||||||
}
|
}
|
||||||
}, function (xhr, status, error) {
|
}, function (xhr, status, error) {
|
||||||
|
|
|
||||||
File diff suppressed because one or more lines are too long
Loading…
Reference in New Issue