Plans: unify `back` sanitization via the BackUrl helper

萝卜
2026-03-14 22:52:48 +00:00
parent 2d824d29dd
commit 69edd4261d


@@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
use App\Models\Plan; use App\Models\Plan;
use App\Models\PlatformOrder; use App\Models\PlatformOrder;
use App\Models\SiteSubscription; use App\Models\SiteSubscription;
use App\Support\BackUrl;
use Illuminate\Database\Eloquent\Builder; use Illuminate\Database\Eloquent\Builder;
use Illuminate\Http\RedirectResponse; use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request; use Illuminate\Http\Request;
@@ -148,13 +149,8 @@ class PlanController extends Controller
$this->ensurePlatformAdmin($request); $this->ensurePlatformAdmin($request);
$back = (string) $request->query('back', ''); $back = (string) $request->query('back', '');
// back 需为站内相对路径,并拒绝引号/尖括号,避免后续页面以 `{!! !!}` 原样输出时引入 XSS 风险。 // back 安全阀:统一收敛到 BackUrl::sanitizeForLinks用于 Blade `{!! !!}` 原样输出场景)
$safeBack = (str_starts_with($back, '/') $safeBack = BackUrl::sanitizeForLinks($back);
&& !preg_match('/["\'<>]/', $back)
// back 本身不应再包含 back避免无限嵌套导致 URL 膨胀)
&& !preg_match('/(?:^|[?&])back=/', $back))
? $back
: '';
return view('admin.plans.form', [ return view('admin.plans.form', [
'plan' => new Plan(), 'plan' => new Plan(),
@@ -173,13 +169,8 @@ class PlanController extends Controller
$data = $this->validatePlan($request); $data = $this->validatePlan($request);
$back = (string) $request->input('back', ''); $back = (string) $request->input('back', '');
// back 需为站内相对路径,并拒绝引号/尖括号,避免后续页面以 `{!! !!}` 原样输出时引入 XSS 风险。 // back 安全阀:统一收敛到 BackUrl::sanitizeForLinks用于 Blade `{!! !!}` 原样输出场景)
$safeBack = (str_starts_with($back, '/') $safeBack = BackUrl::sanitizeForLinks($back);
&& !preg_match('/["\'<>]/', $back)
// back 本身不应再包含 back避免无限嵌套导致 URL 膨胀)
&& !preg_match('/(?:^|[?&])back=/', $back))
? $back
: '';
$plan = Plan::query()->create($data); $plan = Plan::query()->create($data);
@@ -195,13 +186,8 @@ class PlanController extends Controller
$this->ensurePlatformAdmin($request); $this->ensurePlatformAdmin($request);
$back = (string) $request->query('back', ''); $back = (string) $request->query('back', '');
// back 需为站内相对路径,并拒绝引号/尖括号,避免后续页面以 `{!! !!}` 原样输出时引入 XSS 风险。 // back 安全阀:统一收敛到 BackUrl::sanitizeForLinks用于 Blade `{!! !!}` 原样输出场景)
$safeBack = (str_starts_with($back, '/') $safeBack = BackUrl::sanitizeForLinks($back);
&& !preg_match('/["\'<>]/', $back)
// back 本身不应再包含 back避免无限嵌套导致 URL 膨胀)
&& !preg_match('/(?:^|[?&])back=/', $back))
? $back
: '';
return view('admin.plans.form', [ return view('admin.plans.form', [
'plan' => $plan, 'plan' => $plan,
@@ -240,13 +226,8 @@ class PlanController extends Controller
$data = $this->validatePlan($request, $plan->id); $data = $this->validatePlan($request, $plan->id);
$back = (string) $request->input('back', ''); $back = (string) $request->input('back', '');
// back 需为站内相对路径,并拒绝引号/尖括号,避免后续页面以 `{!! !!}` 原样输出时引入 XSS 风险。 // back 安全阀:统一收敛到 BackUrl::sanitizeForLinks用于 Blade `{!! !!}` 原样输出场景)
$safeBack = (str_starts_with($back, '/') $safeBack = BackUrl::sanitizeForLinks($back);
&& !preg_match('/["\'<>]/', $back)
// back 本身不应再包含 back避免无限嵌套导致 URL 膨胀)
&& !preg_match('/(?:^|[?&])back=/', $back))
? $back
: '';
$plan->update($data); $plan->update($data);
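Review bot: The new `BackUrl::sanitizeForLinks($back)` call replaces a predicate whose only path check was `str_starts_with($back, '/')`, which accepts protocol-relative targets such as `//evil.example` (and `/\evil.example`, which browsers normalize the same way); if the helper was lifted verbatim and store/update later hand `$safeBack` to `redirect()`, that is an open redirect, not only the XSS the comment mentions. The helper's body is not in this diff, so I cannot confirm whether it kept the no-quote/angle-bracket and no-nested-`back=` rules or added a second-slash rejection; a unit test on the helper with `//host`, `/\host`, `javascript:`-style and `?back=` inputs would pin that down. A minimal guard at the call sites or inside the helper is `if (preg_match('#^/[/\\\\]#', $back)) { $safeBack = ''; }`. Since the comment still says the value is rendered with `{!! !!}`, prefer `{{ $safeBack }}` in the Blade template so the sanitizer is not the only line of defence. All four enclosing methods (create/store/edit/update) begin and end outside the hunks.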