From f37ff15e0db2a17b1d02a82e5d7ab00ece624122 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=90=9D=E5=8D=9C?=
Date: Fri, 13 Mar 2026 22:52:55 +0000
Subject: [PATCH] feat: site subscriptions export require download=1 safety valve
---
 .../Admin/SiteSubscriptionController.php | 5 +++
 .../admin/site_subscriptions/index.blade.php | 1 +
 ...scriptionExportDownloadSafetyValveTest.php | 33 +++++++++++++++++++
 .../AdminSiteSubscriptionExportTest.php | 2 +-
 4 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 tests/Feature/AdminSiteSubscriptionExportDownloadSafetyValveTest.php
diff --git a/app/Http/Controllers/Admin/SiteSubscriptionController.php b/app/Http/Controllers/Admin/SiteSubscriptionController.php
index 6d5ea83..f2f4359 100644
--- a/app/Http/Controllers/Admin/SiteSubscriptionController.php
+++ b/app/Http/Controllers/Admin/SiteSubscriptionController.php
@@ -211,6 +211,11 @@ class SiteSubscriptionController extends Controller
 {
 $this->ensurePlatformAdmin($request);
+ // 安全阀:必须显式声明 download=1,避免浏览器预取/误触发导致频繁导出
+ if ((string) $request->query('download', '') !== '1') {
+ abort(400, 'download=1 required');
+ }
+
 $filters = [
 'status' => trim((string) $request->query('status', '')),
 'keyword' => trim((string) $request->query('keyword', '')),
diff --git a/resources/views/admin/site_subscriptions/index.blade.php b/resources/views/admin/site_subscriptions/index.blade.php
index a6f7923..f7c3590 100644
--- a/resources/views/admin/site_subscriptions/index.blade.php
+++ b/resources/views/admin/site_subscriptions/index.blade.php
@@ -131,6 +131,7 @@
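Review bot: In the SiteSubscriptionController.php hunk the guard casts the parameter before comparing it, so a request such as `?download[]=1` hands an array to `(string)`; PHP raises an "Array to string conversion" warning there, which Laravel's default error handling would likely surface as a 500 instead of the intended 400. Comparing without the cast keeps the rejection path clean: `if ($request->query('download') !== '1') {`. The flag only filters accidental requests and is not an access control, since authorization stays with `ensurePlatformAdmin()` above it and any link that already carries `download=1` still triggers an export; a line such as `// Not an access control: only rejects requests that lack the explicit flag.` would stop later readers from relying on it. If repeated exports are the real concern, a rate limit on the route (its definition is not part of this diff) would bound them. The enclosing method starts and ends outside the hunk.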

工具

+
diff --git a/tests/Feature/AdminSiteSubscriptionExportDownloadSafetyValveTest.php b/tests/Feature/AdminSiteSubscriptionExportDownloadSafetyValveTest.php
new file mode 100644
index 0000000..0f8f669
--- /dev/null
+++ b/tests/Feature/AdminSiteSubscriptionExportDownloadSafetyValveTest.php
@@ -0,0 +1,33 @@
+seed();
+
+ $this->post('/admin/login', [
+ 'email' => 'platform.admin@demo.local',
+ 'password' => 'Platform@123456',
+ ])->assertRedirect('/admin');
+ }
+
+ public function test_export_should_require_download_flag(): void
+ {
+ $this->loginAsPlatformAdmin();
+
+ $this->get('/admin/site-subscriptions/export')
+ ->assertStatus(400)
+ ->assertSee('download=1 required');
+
+ $this->get('/admin/site-subscriptions/export?download=1')
+ ->assertOk();
+ }
+}
diff --git a/tests/Feature/AdminSiteSubscriptionExportTest.php b/tests/Feature/AdminSiteSubscriptionExportTest.php
index 2fbf69a..7c3c998 100644
--- a/tests/Feature/AdminSiteSubscriptionExportTest.php
+++ b/tests/Feature/AdminSiteSubscriptionExportTest.php
@@ -53,7 +53,7 @@ class AdminSiteSubscriptionExportTest extends TestCase
 'activated_at' => now()->subDays(1),
 ]);
- $res = $this->get('/admin/site-subscriptions/export');
+ $res = $this->get('/admin/site-subscriptions/export?download=1');
 $res->assertOk();
 $res->assertHeader('content-type', 'text/csv; charset=UTF-8');
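Review bot: The new test in AdminSiteSubscriptionExportDownloadSafetyValveTest.php exercises the flag only as a logged-in platform admin, so nothing pins that `download=1` on its own cannot reach the export without authorization. A case placed before the `loginAsPlatformAdmin()` call, such as `$this->assertNotSame(200, $this->get('/admin/site-subscriptions/export?download=1')->getStatusCode());`, would cover that without assuming the exact rejection status. `loginAsPlatformAdmin()` also depends on a seeded account whose fixed password is written into the test; if that seeder can run outside test environments (not visible here), the account amounts to a known default credential and is worth confirming. The opening of the file, including the start of `loginAsPlatformAdmin()`, is missing from this page.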