解决漏洞xss攻击问题

BianLzhaoMin 2024-09-29 17:26:45 +08:00
parent a73abf3423
commit 11f3fb3956
5 changed files with 213 additions and 197 deletions


@ -64,6 +64,7 @@
"vue": "2.6.12", "vue": "2.6.12",
"vue-count-to": "1.0.13", "vue-count-to": "1.0.13",
"vue-cropper": "0.5.5", "vue-cropper": "0.5.5",
"vue-dompurify-html": "^2.6.0",
"vue-easy-print": "0.0.8", "vue-easy-print": "0.0.8",
"vue-json-excel": "^0.3.0", "vue-json-excel": "^0.3.0",
"vue-meta": "2.4.0", "vue-meta": "2.4.0",
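Review bot: The new `"vue-dompurify-html": "^2.6.0"` entry uses a caret range, while most neighbouring entries (`vue`, `vue-cropper`, `vue-meta`) are pinned to exact versions. This package and its transitive `dompurify` dependency are now the control that stops stored XSS, so the resolved versions should be reproducible and upgraded deliberately. None of the five changed files is a lockfile, so, if the project keeps one, confirm it is updated and committed with this change. Otherwise pin the entry as `"vue-dompurify-html": "2.6.0"` and track sanitizer releases explicitly.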


@ -11,26 +11,35 @@ import App from './App'
import store from './store' import store from './store'
import router from './router' import router from './router'
import directive from './directive' // directive import directive from './directive' // directive
import VueDOMPurifyHTML from 'vue-dompurify-html'
import plugins from './plugins' // plugins import plugins from './plugins' // plugins
import { download, downloadJson } from '@/utils/request' import { download, downloadJson } from '@/utils/request'
import './assets/icons' // icon import './assets/icons' // icon
import './permission' // permission control import './permission' // permission control
import { getDicts } from "@/api/system/dict/data"; import { getDicts } from '@/api/system/dict/data'
import { getConfigKey } from "@/api/system/config"; import { getConfigKey } from '@/api/system/config'
import { parseTime, resetForm, addDateRange, selectDictLabel, selectDictLabels, handleTree, indexContinuation } from "@/utils/ruoyi"; import {
parseTime,
resetForm,
addDateRange,
selectDictLabel,
selectDictLabels,
handleTree,
indexContinuation,
} from '@/utils/ruoyi'
// 分页组件 // 分页组件
import Pagination from "@/components/Pagination"; import Pagination from '@/components/Pagination'
// 自定义表格工具组件 // 自定义表格工具组件
import RightToolbar from "@/components/RightToolbar" import RightToolbar from '@/components/RightToolbar'
// 富文本组件 // 富文本组件
import Editor from "@/components/Editor" import Editor from '@/components/Editor'
// 文件上传组件 // 文件上传组件
import FileUpload from "@/components/FileUpload" import FileUpload from '@/components/FileUpload'
// 图片上传组件 // 图片上传组件
import ImageUpload from "@/components/ImageUpload" import ImageUpload from '@/components/ImageUpload'
// 图片预览组件 // 图片预览组件
import ImagePreview from "@/components/ImagePreview" import ImagePreview from '@/components/ImagePreview'
// 字典标签组件 // 字典标签组件
import DictTag from '@/components/DictTag' import DictTag from '@/components/DictTag'
// 头部标签组件 // 头部标签组件
@ -41,7 +50,6 @@ import DictData from '@/components/DictData'
import JsonExcel from 'vue-json-excel' import JsonExcel from 'vue-json-excel'
Vue.prototype.$eventBus = new Vue() Vue.prototype.$eventBus = new Vue()
import global_ from '@/utils/globalUrl' import global_ from '@/utils/globalUrl'
// 全局方法挂载 // 全局方法挂载
@ -71,6 +79,7 @@ Vue.component('downloadExcel', JsonExcel)
Vue.use(directive) Vue.use(directive)
Vue.use(plugins) Vue.use(plugins)
Vue.use(VueMeta) Vue.use(VueMeta)
Vue.use(VueDOMPurifyHTML)
DictData.install() DictData.install()
/** /**
@ -83,14 +92,14 @@ DictData.install()
*/ */
Vue.use(Element, { Vue.use(Element, {
size: Cookies.get('size') || 'medium' // set element-ui default size size: Cookies.get('size') || 'medium', // set element-ui default size
}) })
Vue.config.productionTip = false Vue.config.productionTip = false
new Vue({ new Vue({
el: '#app', el: '#app',
router, router,
store, store,
render: h => h(App) render: (h) => h(App),
}) })
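Review bot: `Vue.use(VueDOMPurifyHTML)` registers the directive with the library's default DOMPurify configuration, so the allow-list for notice HTML is whatever the defaults permit rather than what the rich-text editor actually produces. Consider passing an explicit configuration at registration, for example `Vue.use(VueDOMPurifyHTML, { default: { USE_PROFILES: { html: true } } })`, and narrowing it further to the tags and attributes the editor emits. A one-line comment above the call, such as `// v-dompurify-html is the sanitizing replacement for v-html; use it for any server-supplied HTML`, would tell later contributors why the plugin is there. The quote-style and import reflow changes in the same file make the two security-relevant lines harder to spot and would be easier to review as a separate commit.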


@ -155,7 +155,7 @@
</div> </div>
</template> </template>
<script> <script>
import chapter from '../../utils/chapter' import chapter from '../../utils/chapter'
import { getMachineByQrCode } from '@/api/base/base' import { getMachineByQrCode } from '@/api/base/base'
export default { export default {
@ -201,14 +201,14 @@ export default {
qrCode: this.qrCode, qrCode: this.qrCode,
} }
getMachineByQrCode(param).then((response) => { getMachineByQrCode(param).then((response) => {
console.log(response) console.log(response, '返回结果-----')
this.queryParams = response.data this.queryParams = response.data
}) })
}, },
}, },
} }
</script> </script>
<style lang="scss" scoped> <style lang="scss" scoped>
.item-box { .item-box {
display: flex; display: flex;
width: 100%; width: 100%;


@ -126,7 +126,7 @@
<!-- :options="dict.type.sys_notice_type" --> <!-- :options="dict.type.sys_notice_type" -->
<!-- :value="scope.row.noticeContent" --> <!-- :value="scope.row.noticeContent" -->
<!-- /> --> <!-- /> -->
<div v-html="row.noticeContent"></div> <div v-dompurify-html="row.noticeContent"></div>
</template> </template>
</el-table-column> </el-table-column>
<el-table-column <el-table-column
@ -276,177 +276,175 @@
</template> </template>
<script> <script>
import { import {
listNotice, listNotice,
getNotice, getNotice,
delNotice, delNotice,
addNotice, addNotice,
updateNotice, updateNotice,
} from '@/api/system/notice' } from '@/api/system/notice'
export default { export default {
name: 'Notice', name: 'Notice',
dicts: ['sys_notice_status', 'sys_notice_type'], dicts: ['sys_notice_status', 'sys_notice_type'],
data() { data() {
return { return {
// //
loading: true, loading: true,
// //
ids: [], ids: [],
// //
single: true, single: true,
// //
multiple: true, multiple: true,
// //
showSearch: true, showSearch: true,
// //
total: 0, total: 0,
// //
noticeList: [], noticeList: [],
// //
title: '', title: '',
// //
open: false, open: false,
// //
queryParams: { queryParams: {
pageNum: 1, pageNum: 1,
pageSize: 10, pageSize: 10,
noticeTitle: undefined, noticeTitle: undefined,
// createBy: undefined, // createBy: undefined,
status: undefined, status: undefined,
}, },
// //
form: {}, form: {},
// //
rules: { rules: {
noticeTitle: [ noticeTitle: [
{ {
required: true, required: true,
message: '公告标题不能为空', message: '公告标题不能为空',
trigger: 'blur', trigger: 'blur',
}, },
], ],
noticeType: [ noticeType: [
{ {
required: true, required: true,
message: '公告类型不能为空', message: '公告类型不能为空',
trigger: 'change', trigger: 'change',
}, },
], ],
}, },
} }
},
created() {
this.getList()
},
methods: {
/** 查询公告列表 */
getList() {
this.loading = true
listNotice(this.queryParams).then((response) => {
this.noticeList = response.rows
this.total = response.total
this.loading = false
})
}, },
created() { //
cancel() {
this.open = false
this.reset()
},
//
reset() {
this.form = {
noticeId: undefined,
noticeTitle: undefined,
noticeType: undefined,
noticeContent: undefined,
status: '0',
}
this.resetForm('form')
},
/** 搜索按钮操作 */
handleQuery() {
this.queryParams.pageNum = 1
this.getList() this.getList()
}, },
methods: { /** 重置按钮操作 */
/** 查询公告列表 */ resetQuery() {
getList() { this.resetForm('queryForm')
this.loading = true this.handleQuery()
listNotice(this.queryParams).then((response) => {
this.noticeList = response.rows
this.total = response.total
this.loading = false
})
},
//
cancel() {
this.open = false
this.reset()
},
//
reset() {
this.form = {
noticeId: undefined,
noticeTitle: undefined,
noticeType: undefined,
noticeContent: undefined,
status: '0',
}
this.resetForm('form')
},
/** 搜索按钮操作 */
handleQuery() {
this.queryParams.pageNum = 1
this.getList()
},
/** 重置按钮操作 */
resetQuery() {
this.resetForm('queryForm')
this.handleQuery()
},
//
handleSelectionChange(selection) {
this.ids = selection.map((item) => item.noticeId)
this.single = selection.length != 1
this.multiple = !selection.length
},
/** 新增按钮操作 */
handleAdd() {
this.reset()
this.open = true
this.title = '添加公告'
},
/** 修改按钮操作 */
handleUpdate(row) {
this.reset()
const noticeId = row.noticeId || this.ids
getNotice(noticeId).then((response) => {
this.form = response.data
this.open = true
this.title = '修改公告'
})
},
/** 提交按钮 */
submitForm: function () {
this.$refs['form'].validate((valid) => {
if (valid) {
if (this.form.noticeId != undefined) {
updateNotice(this.form).then((response) => {
this.$modal.msgSuccess('修改成功')
this.open = false
this.getList()
})
} else {
addNotice(this.form).then((response) => {
this.$modal.msgSuccess('新增成功')
this.open = false
this.getList()
})
}
}
})
},
/** 删除按钮操作 */
handleDelete(row) {
const noticeIds = row.noticeId || this.ids
this.$modal
.confirm(
'是否确认删除所选择的数据项?',
)
.then(function () {
return delNotice(noticeIds)
})
.then(() => {
this.getList()
this.$modal.msgSuccess('删除成功')
})
.catch(() => {})
},
handleEditorChange(value) {
let parser = new DOMParser()
let doc = parser.parseFromString(value, "text/html")
let text = doc.body.textContent || ""
// text.length 200 ,200
if (text.length > 200) {
this.$message({
message: '公告内容不能超过200个字符!',
type: 'warning'
})
this.form.noticeContent = text.substring(0, 200)
return
}
},
}, },
} //
handleSelectionChange(selection) {
this.ids = selection.map((item) => item.noticeId)
this.single = selection.length != 1
this.multiple = !selection.length
},
/** 新增按钮操作 */
handleAdd() {
this.reset()
this.open = true
this.title = '添加公告'
},
/** 修改按钮操作 */
handleUpdate(row) {
this.reset()
const noticeId = row.noticeId || this.ids
getNotice(noticeId).then((response) => {
this.form = response.data
this.open = true
this.title = '修改公告'
})
},
/** 提交按钮 */
submitForm: function () {
this.$refs['form'].validate((valid) => {
if (valid) {
if (this.form.noticeId != undefined) {
updateNotice(this.form).then((response) => {
this.$modal.msgSuccess('修改成功')
this.open = false
this.getList()
})
} else {
addNotice(this.form).then((response) => {
this.$modal.msgSuccess('新增成功')
this.open = false
this.getList()
})
}
}
})
},
/** 删除按钮操作 */
handleDelete(row) {
const noticeIds = row.noticeId || this.ids
this.$modal
.confirm('是否确认删除所选择的数据项?')
.then(function () {
return delNotice(noticeIds)
})
.then(() => {
this.getList()
this.$modal.msgSuccess('删除成功')
})
.catch(() => {})
},
handleEditorChange(value) {
let parser = new DOMParser()
let doc = parser.parseFromString(value, 'text/html')
let text = doc.body.textContent || ''
// text.length 200 ,200
if (text.length > 200) {
this.$message({
message: '公告内容不能超过200个字符!',
type: 'warning',
})
this.form.noticeContent = text.substring(0, 200)
return
}
},
},
}
</script> </script>
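Review bot: Replacing `v-html` with `v-dompurify-html` on `row.noticeContent` sanitizes only this one table cell at render time. The stored notice is unchanged, and any other view that renders `noticeContent` or other server-supplied HTML through `v-html` is presumably still exposed; those views are not part of this commit, so a project-wide search for `v-html` is worth doing. `addNotice` and `updateNotice` still send `this.form` as-is, so the backend should sanitize or validate the HTML on save as well, since clients other than this page may consume it. A template comment next to the directive, e.g. `<!-- noticeContent is user-authored rich text: render only through v-dompurify-html -->`, would keep the binding from being reverted later. The rest of this section is re-indentation of the script block.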


@ -92,7 +92,6 @@
icon="el-icon-plus" icon="el-icon-plus"
size="mini" size="mini"
@click="handleBind" @click="handleBind"
:disabled="single"
v-hasPermi="['tagBind:bind:bind']" v-hasPermi="['tagBind:bind:bind']"
>绑定</el-button >绑定</el-button
> >
@ -123,7 +122,6 @@
plain plain
icon="el-icon-plus" icon="el-icon-plus"
size="mini" size="mini"
:disabled="multiple"
@click="labelUpload" @click="labelUpload"
v-hasPermi="['tagBind:bind:unload']" v-hasPermi="['tagBind:bind:unload']"
>标签下载</el-button >标签下载</el-button
@ -182,12 +180,7 @@
:data="labelList" :data="labelList"
@selection-change="handleSelectionChange" @selection-change="handleSelectionChange"
> >
<el-table-column <el-table-column type="selection" width="55" align="center" />
type="selection"
width="55"
align="center"
:selectable="(row, index) => row.status != '1'"
/>
<el-table-column <el-table-column
align="center" align="center"
label="序号" label="序号"
@ -694,6 +687,16 @@ export default {
}, },
/** 绑定按钮操作 */ /** 绑定按钮操作 */
handleBind() { handleBind() {
if (this.checkboxModel.length < 1) {
this.$modal.msgError('请勾选需要下载的数据!')
return
} else {
const isBind = this.checkboxModel.every((e) => e.status != 1)
if (!isBind) {
this.$modal.msgError('只能选择未绑定机具的标签!')
return
}
}
this.reset() this.reset()
this.open = true this.open = true
this.title = '绑定' this.title = '绑定'
@ -852,6 +855,11 @@ export default {
}, },
// //
async labelUpload() { async labelUpload() {
if (this.checkboxModel.length < 1) {
this.$modal.msgError('请勾选需要下载的数据!')
return
}
console.log('checkboxModel', this.checkboxModel) console.log('checkboxModel', this.checkboxModel)
const msg = this.$modal.loading('批量生成中,请稍候...') const msg = this.$modal.loading('批量生成中,请稍候...')
try { try {
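Review bot: The empty-selection branch added to `handleBind` reuses the download wording `'请勾选需要下载的数据!'`, which is misleading on the bind button; something like `this.$modal.msgError('请勾选需要绑定的数据!')` fits the action. The commit also removes the `:selectable="(row, index) => row.status != '1'"` restriction and the `:disabled` bindings, leaving only the `every((e) => e.status != 1)` check in the click handler. That check is client-side only, so the endpoint behind `tagBind:bind:bind` should itself reject labels that are already bound. The `else` after the early `return` is redundant, and the `console.log('checkboxModel', …)` kept in `labelUpload` looks like leftover debugging. Both method bodies continue outside the hunks shown.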