Skip to content

C
CivWeb
Commit b6d61d70 authored by 邓晓峰's avatar 邓晓峰
Browse files
Options

fix: 修复 template XSS

parent dc85990e
Hide whitespace changes
Inline Side-by-side
Showing with 10 additions and 7 deletions
package.json
View file @ b6d61d70
...@@ -107,12 +107,12 @@ ...@@ -107,12 +107,12 @@
"@wisdom-components/basictable": "^1.5.16", "@wisdom-components/basictable": "^1.5.16",
"@wisdom-components/empty": "^1.4.1", "@wisdom-components/empty": "^1.4.1",
"@wisdom-map/Amap": "^1.0.49-16", "@wisdom-map/Amap": "^1.0.49-16",
"@wisdom-map/Map": "^1.0.12-30", "@wisdom-map/Map": "^1.0.12-30",
"@wisdom-map/arcgismap": "^1.0.79-30", "@wisdom-map/arcgismap": "^1.0.79-30",
"@wisdom-map/util": "^1.0.27-0", "@wisdom-map/util": "^1.0.27-0",
"@wisdom-utils/components": "0.1.65", "@wisdom-utils/components": "0.1.67",
"@wisdom-utils/runtime": "0.0.15", "@wisdom-utils/runtime": "0.0.15",
"@wisdom-utils/utils": "0.1.105", "@wisdom-utils/utils": "0.1.107",
"animate.css": "^4.1.1", "animate.css": "^4.1.1",
"antd": "^4.17.4", "antd": "^4.17.4",
"compression": "1.7.4", "compression": "1.7.4",
...@@ -302,6 +302,7 @@ ...@@ -302,6 +302,7 @@
"webpack-theme-color-replacer": "^1.3.15", "webpack-theme-color-replacer": "^1.3.15",
"webpackbar": "5.0.0-3", "webpackbar": "5.0.0-3",
"whatwg-fetch": "^3.0.0", "whatwg-fetch": "^3.0.0",
"xss": "^1.0.11",
"yorkie": "^2.0.0" "yorkie": "^2.0.0"
} }
} }
src/micro.js
View file @ b6d61d70
...@@ -14,6 +14,7 @@ import { actionCreators } from './containers/App/store'; ...@@ -14,6 +14,7 @@ import { actionCreators } from './containers/App/store';
import loader from './render'; import loader from './render';
import store from './stores'; import store from './stores';
import actions from './actions'; import actions from './actions';
const xss = require('xss');
// eslint-disable-next-line import/named // eslint-disable-next-line import/named
const { processComponentName } = string; const { processComponentName } = string;
// eslint-disable-next-line no-undef // eslint-disable-next-line no-undef
...@@ -134,9 +135,10 @@ export const initMicroApps = () => { ...@@ -134,9 +135,10 @@ export const initMicroApps = () => {
singular: false, singular: false,
scopedCSS: true, scopedCSS: true,
prefetch: 'all', prefetch: 'all',
// getTemplate(tpl){ getTemplate(tpl){
// return tpl.replace('<script src="http://18.10.10.253:89/cookie/flash.js"><script>', '').replace(); tpl = tpl.replace('<script src="http://18.10.10.253:89/cookie/flash.js"><script>', '');
// }, return tpl;
},
// async fetch(url, ...args) { // async fetch(url, ...args) {
// if (url.indexOf('/cookie/flash.js') > -1) { // if (url.indexOf('/cookie/flash.js') > -1) {
// return { // return {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment