diff --git a/app/Support/BackUrl.php b/app/Support/BackUrl.php
new file mode 100644
index 0000000..85cea38
--- /dev/null
+++ b/app/Support/BackUrl.php
@@ -0,0 +1,36 @@
+]/', $incomingBack)) {
+ return '';
+ }
+
+ // 拒绝 back 自身再包含 back=(避免无限嵌套导致 URL 膨胀,且容易绕过页面侧护栏)
+ if (preg_match('/(?:^|[?&])back=/', $incomingBack)) {
+ return '';
+ }
+
+ return $incomingBack;
+ }
+}
diff --git a/resources/views/admin/plans/form.blade.php b/resources/views/admin/plans/form.blade.php
index deba24f..77c5c9e
--- a/resources/views/admin/plans/form.blade.php
+++ b/resources/views/admin/plans/form.blade.php
@@ -18,11 +18,7 @@ // - 仅允许站内相对路径(/ 开头) // - 拒绝引号/尖括号 // - 拒绝 nested back=(避免 URL 膨胀/绕过)
- $safeBackForLinks = (str_starts_with($incomingBack, '/')
- && !preg_match('/["\'<>]/', $incomingBack)
- && !preg_match('/(?:^|[?&])back=/', $incomingBack))
- ? $incomingBack
- : '';
+ $safeBackForLinks = \App\Support\BackUrl::sanitizeForLinks($incomingBack);
 @endphp @if($safeBackForLinks !== '')
diff --git a/resources/views/admin/plans/index.blade.php b/resources/views/admin/plans/index.blade.php
index 18c22ef..92dd3c4
--- a/resources/views/admin/plans/index.blade.php
+++ b/resources/views/admin/plans/index.blade.php
@@ -26,16 +26,12 @@ return '/admin/platform-orders?' . \Illuminate\Support\Arr::query($query); };
- // back 安全护栏(全页通用):
+ // back 安全护栏(全页通用):
 // - 仅允许站内相对路径(/ 开头) // - 拒绝引号/尖括号(由于本页大量 href 采用 `{!! !!}` 原样输出,必须严控注入风险) // - 拒绝 nested back=(避免 URL 膨胀/绕过) $incomingBack = (string) request()->query('back', '');
- $safeBackForLinks = (str_starts_with($incomingBack, '/')
- && !preg_match('/["\'<>]/', $incomingBack)
- && !preg_match('/(?:^|[?&])back=/', $incomingBack))
- ? $incomingBack
- : '';
+ $safeBackForLinks = \App\Support\BackUrl::sanitizeForLinks($incomingBack);
 @endphp
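Review bot: sanitizeForLinks still lets a protocol-relative value through: a `back` of the form `//host/...` satisfies a `str_starts_with($incomingBack, '/')` prefix test (the prefix check itself is outside the visible part of this hunk, but the removed blade lines show the rule being centralised), yet browsers resolve it against another origin, and the blade pages emit the result unescaped inside `href`. Reject a second leading `/` or `\` before the other checks: `if (str_starts_with($incomingBack, '//') || str_starts_with($incomingBack, '/\\')) { return ''; }`. A maximum length would also serve the stated goal of avoiding URL bloat, since rejecting nested `back=` alone does not bound the value. The method's signature, its docblock and any earlier checks are cut off at the start of this hunk, so this is written against what is visible.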
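Review bot: The three-line rule comment above the replaced expression in form.blade.php now restates the contract of `BackUrl::sanitizeForLinks` and will drift from it the next time the helper changes; the plans/index hunk already edits one of these comment lines independently. A one-line pointer such as `// back 安全护栏:规则见 \App\Support\BackUrl::sanitizeForLinks` in each template, with the full rule list kept only in the helper's docblock, keeps one source of truth. The same applies to the hunks in plans/index, platform_orders/form, platform_orders/index, platform_orders/show, site_subscriptions/index and site_subscriptions/show.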

这里是总台视角的套餐目录页,用于沉淀平台可售卖的标准能力包。

diff --git a/resources/views/admin/platform_orders/form.blade.php b/resources/views/admin/platform_orders/form.blade.php
index a235f15..768b0e9
--- a/resources/views/admin/platform_orders/form.blade.php
+++ b/resources/views/admin/platform_orders/form.blade.php
@@ -137,11 +137,7 @@ // - 拒绝引号/尖括号 // - 拒绝 nested back=(避免 URL 膨胀/绕过) // 说明:此处 href 采用原样输出以避免 & 影响回链/断言。
- $safeBackForLinks = (str_starts_with($incomingBack, '/')
- && !preg_match('/["\'<>]/', $incomingBack)
- && !preg_match('/(?:^|[?&])back=/', $incomingBack))
- ? $incomingBack
- : '';
+ $safeBackForLinks = \App\Support\BackUrl::sanitizeForLinks($incomingBack);
 @endphp @if($safeBackForLinks !== '')
diff --git a/resources/views/admin/platform_orders/index.blade.php b/resources/views/admin/platform_orders/index.blade.php
index caf5f77..763247e
--- a/resources/views/admin/platform_orders/index.blade.php
+++ b/resources/views/admin/platform_orders/index.blade.php
@@ -22,11 +22,7 @@ // - 拒绝引号/尖括号(由于本页大量 href 采用 `{!! !!}` 原样输出,必须严控注入风险) // - 拒绝 nested back=(避免 URL 膨胀/绕过) $incomingBackForLinks = (string) request()->query('back', '');
- $safeBackForLinks = (str_starts_with($incomingBackForLinks, '/')
- && !preg_match('/["\'<>]/', $incomingBackForLinks)
- && !preg_match('/(?:^|[?&])back=/', $incomingBackForLinks))
- ? $incomingBackForLinks
- : '';
+ $safeBackForLinks = \App\Support\BackUrl::sanitizeForLinks($incomingBackForLinks);
 // 金额展示:精简视图尽量更短(整数不显示 .00),full 视图保持两位小数(便于对账) $formatMoneyCompact = function ($amount) {
diff --git a/resources/views/admin/platform_orders/show.blade.php b/resources/views/admin/platform_orders/show.blade.php
index f7ad33b..3c1820d
--- a/resources/views/admin/platform_orders/show.blade.php
+++ b/resources/views/admin/platform_orders/show.blade.php
@@ -766,11 +766,7 @@ // - 拒绝引号/尖括号 // - 拒绝 nested back=(避免 URL 膨胀/绕过) // 说明:下方 href 采用原样输出以避免 & 影响断言。
- $safeBackForLinks = (str_starts_with($incomingBack, '/')
- && !preg_match('/["\'<>]/', $incomingBack)
- && !preg_match('/(?:^|[?&])back=/', $incomingBack))
- ? $incomingBack
- : '';
+ $safeBackForLinks = \App\Support\BackUrl::sanitizeForLinks($incomingBack);
 // 若 back 指向的平台订单列表带 lead_id,则在详情页也提示当前来源线索(更不迷路)。 $leadIdFromBack = 0;
diff --git a/resources/views/admin/site_subscriptions/index.blade.php b/resources/views/admin/site_subscriptions/index.blade.php
index 2fc2c8b..7cb0a0f
--- a/resources/views/admin/site_subscriptions/index.blade.php
+++ b/resources/views/admin/site_subscriptions/index.blade.php
@@ -39,11 +39,7 @@ // - 拒绝引号/尖括号(由于本页大量 href 采用 `{!! !!}` 原样输出,必须严控注入风险) // - 拒绝 nested back=(避免 URL 膨胀/绕过) $incomingBack = (string) request()->query('back', '');
- $safeBackForLinks = (str_starts_with($incomingBack, '/')
- && !preg_match('/["\'<>]/', $incomingBack)
- && !preg_match('/(?:^|[?&])back=/', $incomingBack))
- ? $incomingBack
- : '';
+ $safeBackForLinks = \App\Support\BackUrl::sanitizeForLinks($incomingBack);
 @endphp

这里是总台视角的订阅目录页,承接“套餐 -> 订阅 -> 平台订单”的收费主链中间层。

diff --git a/resources/views/admin/site_subscriptions/show.blade.php b/resources/views/admin/site_subscriptions/show.blade.php
index e11669e..598a0b6
--- a/resources/views/admin/site_subscriptions/show.blade.php
+++ b/resources/views/admin/site_subscriptions/show.blade.php
@@ -125,11 +125,7 @@ // - 拒绝引号/尖括号 // - 拒绝 nested back=(避免 URL 膨胀/绕过) // 说明:下方 href 采用原样输出以避免 & 影响回链/断言。
- $safeBackForLinks = (str_starts_with($incomingBack, '/')
- && !preg_match('/["\'<>]/', $incomingBack)
- && !preg_match('/(?:^|[?&])back=/', $incomingBack))
- ? $incomingBack
- : '';
+ $safeBackForLinks = \App\Support\BackUrl::sanitizeForLinks($incomingBack);
 @endphp @if($safeBackForLinks !== '')