linxianzhuang/saasshop
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(back): index 快捷筛选 allUrl 的 safeBack 增强校验(拒绝引号/尖括号)

Browse Source
This commit is contained in:
萝卜
2026-03-14 01:37:16 +00:00
parent c4b3769458
commit 153c5af8cb
3 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
resources/views/admin/plans/index.blade.php
View File

@@ -78,7 +78,9 @@
// “全部”:清空筛选,但保留 back用于返回来源页 // “全部”:清空筛选,但保留 back用于返回来源页
$incomingBack = (string) request()->query('back', ''); $incomingBack = (string) request()->query('back', '');
$safeBack2 = str_starts_with($incomingBack, '/') ? $incomingBack : ''; $safeBack2 = (str_starts_with($incomingBack, '/') && !preg_match('/["\'<>]/', $incomingBack))
? $incomingBack
: '';
$allUrl = '/admin/plans'; $allUrl = '/admin/plans';
if ($safeBack2 !== '') { if ($safeBack2 !== '') {
$allUrl .= '?' . \Illuminate\Support\Arr::query(['back' => $safeBack2]); $allUrl .= '?' . \Illuminate\Support\Arr::query(['back' => $safeBack2]);

4
resources/views/admin/platform_orders/index.blade.php
View File

@@ -113,7 +113,9 @@
// “全部”:清空筛选,但保留 back用于返回来源页 // “全部”:清空筛选,但保留 back用于返回来源页
$incomingBack = (string) request()->query('back', ''); $incomingBack = (string) request()->query('back', '');
$safeBack = str_starts_with($incomingBack, '/') ? $incomingBack : ''; $safeBack = (str_starts_with($incomingBack, '/') && !preg_match('/["\'<>]/', $incomingBack))
? $incomingBack
: '';
$allUrl = '/admin/platform-orders'; $allUrl = '/admin/platform-orders';
if ($safeBack !== '') { if ($safeBack !== '') {
$allUrl .= '?' . \Illuminate\Support\Arr::query(['back' => $safeBack]); $allUrl .= '?' . \Illuminate\Support\Arr::query(['back' => $safeBack]);

4
resources/views/admin/site_subscriptions/index.blade.php
View File

@@ -88,7 +88,9 @@
// “全部”:清空筛选,但保留 back用于返回来源页 // “全部”:清空筛选,但保留 back用于返回来源页
$incomingBack = (string) request()->query('back', ''); $incomingBack = (string) request()->query('back', '');
$safeBack = str_starts_with($incomingBack, '/') ? $incomingBack : ''; $safeBack = (str_starts_with($incomingBack, '/') && !preg_match('/["\'<>]/', $incomingBack))
? $incomingBack
: '';
$allUrl = '/admin/site-subscriptions'; $allUrl = '/admin/site-subscriptions';
if ($safeBack !== '') { if ($safeBack !== '') {
$allUrl .= '?' . \Illuminate\Support\Arr::query(['back' => $safeBack]); $allUrl .= '?' . \Illuminate\Support\Arr::query(['back' => $safeBack]);