页面越权

bns/html/compreDisplay/compreDisplay.html

@@ -8,8 +8,9 @@
     <link href="../../js/layui/formSelects-v4.css" rel="stylesheet" type="text/css" />
     <link rel="stylesheet" href="../../css/font.css">
     <link rel="stylesheet" href="../../css/compreDisplay/compreDisplay.css">
-    <script src="../../js/public/jquery-3.6.0.js" type="text/javascript"></script>
+    
 	<!--拦截及公共ip-->
+	<script src="../../js/public/jquery-3.6.0.js" type="text/javascript"></script>
 	<script src="../../js/system/IPUtils.js"></script>
 		<script src="../../js/system/public_utils.js"></script>
 	<script src="../../js/system/ajax_intercept.js"></script>

bns/html/compreDisplay/dutyHome.html

@@ -11,16 +11,15 @@
     <link rel="stylesheet" href="../../js/public/toolTip/mTips.css">
     <link rel="stylesheet" href="../../js/public/popover/jquery.webui-popover.min.css">
 	<!--拦截及公共ip-->
-	  <script src="../../js/public/jquery-3.6.0.js" type="text/javascript"></script>
+	<script src="../../js/public/jquery-3.6.0.js" type="text/javascript"></script>
 	<script src="../../js/system/IPUtils.js"></script>
-		<script src="../../js/system/public_utils.js"></script>
+	<script src="../../js/system/public_utils.js"></script>
 	<script src="../../js/system/ajax_intercept.js"></script>
 	<script src="../../js/smutil/sm2Utils.js"></script>
 	<script src="../../js/smutil/smUtil.js"></script>
 	<!--拦截及公共ip-->
-	
-  
     <script src="../../js/public/public.js" type="text/javascript"></script>
+	<script src="../../js/system/htmlpermission.js"></script>
     <script src="../../js/public/ajaxRequest.js" type="text/javascript"></script>
     <script src="../../js/public/sm3.js" type="text/javascript"></script>
     <script src="../../js/public/aes.js" type="text/javascript"></script>

bns/js/dutyTask/remotePatrol/remotePatrol.js

@@ -168,9 +168,6 @@ function pages() {
         classId: idParam
     }
     $.ajax({
-		headers:{
-			"encryption":"encryption"
-		},
         url: dataUrl + "proteam/pot/todayTask/getBallTimeList" ,
         data: params,
 		dataType:'JSON',

bns/js/public/public.js

@@ -5,7 +5,7 @@ let isIgwLogin = localStorage.getItem("isIgwLogin");
 let webSocketUrl = dataUrl.replace("http", "ws") + 'proteam/websocket/1?token='+token
 //getVideoConfig(token);
 //获取路径
-getLocalpath();
+
 /*系统登出*/
 function logout(type) {
     let html_type = localStorage.getItem("html_type");
@@ -410,7 +410,3 @@ function setRiskLevelColor(value) {
     }
 }
 
-function getLocalpath(){
-	var currentPath = window.location.pathname;
-	console.log(currentPath); // 输出当前页面的路径
-}

bns/js/system/htmlpermission.js

@@ -0,0 +1,29 @@
+getLocalpath();
+
+function getLocalpath(){
+	var currentPath = window.location.pathname;
+	var url=currentPath.split("/html");
+	let usJosn=JSON.parse(us);
+	let yq=getHtmlPermission(usJosn.menus,url[1]);
+	console.log(yq)
+	if(!yq){
+		console.log(url[1])
+		  top.window.location.href = login_url;	
+	}
+}
+function getHtmlPermission(menus,html){
+	for (var i = 0; i < menus.length; i++) {
+			var child=menus[i].childer;
+			if(!child || child.length<1){
+				if(menus[i].url.indexOf(html)!='-1'){
+					return true;
+				}
+			}else{
+				let  wyq=getHtmlPermission(child,html);
+				if(wyq){
+					return true;
+				}
+			}
+	}
+		return false;
+}

logins.html

@@ -8,8 +8,14 @@
 <link href="bns/js/layui/css/layui.css" rel="stylesheet">
 <script src="bns/js/layui/layui.js"></script>
 <script src="bns/js/public/jquery-3.6.0.js" type="text/javascript"></script>
+<!--拦截及公共ip-->
+	<script src="bns/js/system/IPUtils.js"></script>
+	<script src="bns/js/system/ajax_intercept.js"></script>
+	<script src="bns/js/system/public_utils.js"></script>
+	<script src="bns/js/smutil/sm2Utils.js"></script>
+		<script src="bns/js/smutil/smUtil.js"></script>
+	<!--加密工具结束-->
 <script src="bns/js/public/aes.js" type="text/javascript"></script>
-<script src="bns/js/login/public.js" type="text/javascript"></script>
 <script src="bns/js/login/logins.js" type="text/javascript"></script>
 <body>
 <div id="wdiv">