linxianzhuang/saasshop
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: batch return_url use relative self url (avoid fullUrl domain)

Browse Source
This commit is contained in:
萝卜
2026-03-14 10:48:28 +00:00
parent 722f4a1f44
commit 9678121efa
2 changed files with 33 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
resources/views/admin/products/index.blade.php
View File

@@ -175,7 +175,18 @@
<h3>商品列表</h3>
<form id="platform-batch-form" method="post" action="/admin/products/batch" onsubmit="return confirm('确认执行本次批量操作?');">
@csrf
<input type="hidden" name="return_url" value="{{ request()->fullUrl() }}">
@php
// return_url用于批量操作后回到当前列表保留筛选上下文
// 说明:不使用 request()->fullUrl()(可能包含域名),避免被后端“仅允许站内相对路径”规则拦截。
// 同时:剔除 return_url 本身,避免出现嵌套导致 URL 膨胀。
$currentQuery = request()->query();
unset($currentQuery['return_url']);
$selfWithoutReturn = '/' . ltrim(request()->path(), '/');
if (count($currentQuery) > 0) {
$selfWithoutReturn .= '?' . \Illuminate\Support\Arr::query($currentQuery);
}
@endphp
<input type="hidden" name="return_url" value="{{ $selfWithoutReturn }}">
<div class="actions gap-10 mb-12">
<select name="action"><option value="change_status">批量改状态</option><option value="change_category">批量改分类</option></select>
<select name="status"><option value="">选择状态(用于批量改状态)</option>@foreach($filterOptions['statuses'] as $status)<option value="{{ $statusLabels[$status] ?? $status }}">{{ $statusLabels[$status] ?? $status }}</option>@endforeach</select>