From 4116ea5f9f0a2df55c12e064c86ab8d3aecc6085 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=90=9D=E5=8D=9C?=
Date: Sat, 14 Mar 2026 01:16:02 +0000
Subject: [PATCH] fix(back): render safeBack raw with stronger validation on index/form pages
---
resources/views/admin/plans/index.blade.php | 8 ++++++--
resources/views/admin/platform_orders/form.blade.php | 8 ++++++--
resources/views/admin/platform_orders/index.blade.php | 8 ++++++--
resources/views/admin/site_subscriptions/index.blade.php | 8 ++++++--
4 files changed, 24 insertions(+), 8 deletions(-)
diff --git a/resources/views/admin/plans/index.blade.php b/resources/views/admin/plans/index.blade.php
index eeb1b0d..425e35d 100644
--- a/resources/views/admin/plans/index.blade.php
+++ b/resources/views/admin/plans/index.blade.php
@@ -32,11 +32,15 @@
 @php
 $incomingBack = (string) request()->query('back', '');
- $safeBack = str_starts_with($incomingBack, '/') ? $incomingBack : '';
+ // 为避免 & 被 Blade escape 成 & 导致回退上下文丢失,这里需要原样输出 href。
+ // 安全护栏:必须为站内相对路径,并拒绝引号/尖括号,降低 XSS 风险。
+ $safeBack = (str_starts_with($incomingBack, '/') && !preg_match('/["\'<>]/', $incomingBack))
+ ? $incomingBack
+ : '';
 @endphp
 @if($safeBack)
- ← 返回上一页(保留上下文)
+ ← 返回上一页(保留上下文)
@endif
diff --git a/resources/views/admin/platform_orders/form.blade.php b/resources/views/admin/platform_orders/form.blade.php
index d6b50f6..636ccbb 100644
--- a/resources/views/admin/platform_orders/form.blade.php
+++ b/resources/views/admin/platform_orders/form.blade.php
@@ -88,11 +88,15 @@
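Review bot: The stronger validation in the new `$safeBack` expression still accepts protocol-relative values such as `//host/...` (and `/\host`, which browsers normalize the same way), so the comment's claim that the value must be a same-site relative path does not hold and the `back` query parameter remains usable as an open redirect; the same applies to the platform_orders/form.blade.php, platform_orders/index.blade.php and site_subscriptions/index.blade.php hunks. The premise for switching to raw output also looks wrong: `&amp;` inside an `href` is valid HTML that the browser decodes back to `&`, so the escaped `{{ $safeBack }}` would not lose the query context, and Blade escaping rather than a character blocklist should remain the guard for the attribute. I would tighten the check to `$safeBack = preg_match('#^/(?![/\\\\])\S*$#', $incomingBack) ? $incomingBack : '';` (exactly one leading slash, not followed by `/` or `\`, no whitespace) and render it with `{{ $safeBack }}` again. Since the same snippet now lives in four views, it would also be worth moving it into one helper so the rule cannot drift between pages. The anchor markup itself is not visible in this hunk, so the raw-output point is inferred from the commit subject.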
@php
 $incomingBack = (string) ($defaults['back'] ?? '');
- $safeBack = str_starts_with($incomingBack, '/') ? $incomingBack : '';
+ // 为避免 & 被 Blade escape 成 & 导致回退上下文丢失,这里需要原样输出 href。
+ // 安全护栏:必须为站内相对路径,并拒绝引号/尖括号,降低 XSS 风险。
+ $safeBack = (str_starts_with($incomingBack, '/') && !preg_match('/["\'<>]/', $incomingBack))
+ ? $incomingBack
+ : '';
 @endphp
 @if($safeBack)
- 返回(保留上下文)
+ 返回(保留上下文)
 @else
 返回
 @endif
diff --git a/resources/views/admin/platform_orders/index.blade.php b/resources/views/admin/platform_orders/index.blade.php
index 2ba427f..99d58d0 100644
--- a/resources/views/admin/platform_orders/index.blade.php
+++ b/resources/views/admin/platform_orders/index.blade.php
@@ -23,11 +23,15 @@
 @php
 $back = (string) request()->query('back', '');
- $safeBack = str_starts_with($back, '/') ? $back : '';
+ // 为避免 & 被 Blade escape 成 & 导致回退上下文丢失,这里需要原样输出 href。
+ // 安全护栏:必须为站内相对路径,并拒绝引号/尖括号,降低 XSS 风险。
+ $safeBack = (str_starts_with($back, '/') && !preg_match('/["\'<>]/', $back))
+ ? $back
+ : '';
 @endphp
 @if($safeBack)
 @endif
diff --git a/resources/views/admin/site_subscriptions/index.blade.php b/resources/views/admin/site_subscriptions/index.blade.php
index 10db8d7..1da57f5 100644
--- a/resources/views/admin/site_subscriptions/index.blade.php
+++ b/resources/views/admin/site_subscriptions/index.blade.php
@@ -40,11 +40,15 @@
 @php
 $incomingBack = (string) request()->query('back', '');
- $safeBack = str_starts_with($incomingBack, '/') ? $incomingBack : '';
+ // 为避免 & 被 Blade escape 成 & 导致回退上下文丢失,这里需要原样输出 href。
+ // 安全护栏:必须为站内相对路径,并拒绝引号/尖括号,降低 XSS 风险。
+ $safeBack = (str_starts_with($incomingBack, '/') && !preg_match('/["\'<>]/', $incomingBack))
+ ? $incomingBack
+ : '';
 @endphp
 @if($safeBack)
 @endif