|
|
@ -9,7 +9,6 @@ import cn.keking.service.impl.OtherFilePreviewImpl;
|
|
|
|
import cn.keking.utils.WebUtils;
|
|
|
|
import cn.keking.utils.WebUtils;
|
|
|
|
import fr.opensagres.xdocreport.core.io.IOUtils;
|
|
|
|
import fr.opensagres.xdocreport.core.io.IOUtils;
|
|
|
|
import io.mola.galimatias.GalimatiasParseException;
|
|
|
|
import io.mola.galimatias.GalimatiasParseException;
|
|
|
|
import jodd.io.NetUtil;
|
|
|
|
|
|
|
|
import org.apache.commons.codec.binary.Base64;
|
|
|
|
import org.apache.commons.codec.binary.Base64;
|
|
|
|
import org.slf4j.Logger;
|
|
|
|
import org.slf4j.Logger;
|
|
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
import org.slf4j.LoggerFactory;
|
|
|
@ -23,9 +22,10 @@ import org.springframework.web.util.HtmlUtils;
|
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
|
import javax.servlet.http.HttpServletResponse;
|
|
|
|
import javax.servlet.http.HttpServletResponse;
|
|
|
|
import java.io.IOException;
|
|
|
|
import java.io.IOException;
|
|
|
|
|
|
|
|
import java.io.InputStream;
|
|
|
|
import java.io.UnsupportedEncodingException;
|
|
|
|
import java.io.UnsupportedEncodingException;
|
|
|
|
|
|
|
|
import java.net.HttpURLConnection;
|
|
|
|
import java.net.URL;
|
|
|
|
import java.net.URL;
|
|
|
|
import java.nio.charset.StandardCharsets;
|
|
|
|
|
|
|
|
import java.util.Arrays;
|
|
|
|
import java.util.Arrays;
|
|
|
|
import java.util.List;
|
|
|
|
import java.util.List;
|
|
|
|
|
|
|
|
|
|
|
@ -71,6 +71,10 @@ public class OnlinePreviewController {
|
|
|
|
@GetMapping( "/picturesPreview")
|
|
|
|
@GetMapping( "/picturesPreview")
|
|
|
|
public String picturesPreview(String urls, Model model, HttpServletRequest req) throws UnsupportedEncodingException {
|
|
|
|
public String picturesPreview(String urls, Model model, HttpServletRequest req) throws UnsupportedEncodingException {
|
|
|
|
String fileUrls;
|
|
|
|
String fileUrls;
|
|
|
|
|
|
|
|
if (urls == null || urls.length() == 0){
|
|
|
|
|
|
|
|
logger.info("URL异常:{}", urls);
|
|
|
|
|
|
|
|
return otherFilePreview.notSupportedFile(model, "NULL地址不允许预览:");
|
|
|
|
|
|
|
|
}
|
|
|
|
try {
|
|
|
|
try {
|
|
|
|
fileUrls = WebUtils.decodeUrl(urls);
|
|
|
|
fileUrls = WebUtils.decodeUrl(urls);
|
|
|
|
// 防止XSS攻击
|
|
|
|
// 防止XSS攻击
|
|
|
@ -109,18 +113,56 @@ public class OnlinePreviewController {
|
|
|
|
logger.error(String.format(BASE64_DECODE_ERROR_MSG, urlPath),ex);
|
|
|
|
logger.error(String.format(BASE64_DECODE_ERROR_MSG, urlPath),ex);
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (urlPath.toLowerCase().startsWith("file:") || urlPath.toLowerCase().startsWith("file%3")
|
|
|
|
HttpURLConnection urlcon;
|
|
|
|
|| !urlPath.toLowerCase().startsWith("http")) {
|
|
|
|
InputStream inputStream = null;
|
|
|
|
|
|
|
|
if (urlPath.toLowerCase().startsWith("file:") || urlPath.toLowerCase().startsWith("file%3")) {
|
|
|
|
logger.info("读取跨域文件异常,可能存在非法访问,urlPath:{}", urlPath);
|
|
|
|
logger.info("读取跨域文件异常,可能存在非法访问,urlPath:{}", urlPath);
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
logger.info("下载跨域pdf文件url:{}", urlPath);
|
|
|
|
logger.info("下载跨域pdf文件url:{}", urlPath);
|
|
|
|
|
|
|
|
if (!urlPath.toLowerCase().startsWith("ftp:")){
|
|
|
|
try {
|
|
|
|
try {
|
|
|
|
URL url = WebUtils.normalizedURL(urlPath);
|
|
|
|
URL url = WebUtils.normalizedURL(urlPath);
|
|
|
|
byte[] bytes = NetUtil.downloadBytes(url.toString());
|
|
|
|
urlcon=(HttpURLConnection)url.openConnection();
|
|
|
|
IOUtils.write(bytes, response.getOutputStream());
|
|
|
|
urlcon.setConnectTimeout(30000);
|
|
|
|
|
|
|
|
urlcon.setReadTimeout(30000);
|
|
|
|
|
|
|
|
urlcon.setInstanceFollowRedirects(false);
|
|
|
|
|
|
|
|
if (urlcon.getResponseCode() == 302 || urlcon.getResponseCode() == 301) {
|
|
|
|
|
|
|
|
urlcon.disconnect();
|
|
|
|
|
|
|
|
url =new URL(urlcon.getHeaderField("Location"));
|
|
|
|
|
|
|
|
urlcon=(HttpURLConnection)url.openConnection();
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
if (urlcon.getResponseCode() == 404 || urlcon.getResponseCode() == 403 || urlcon.getResponseCode() == 500 ) {
|
|
|
|
|
|
|
|
logger.error("读取跨域文件异常,url:{}", urlPath);
|
|
|
|
|
|
|
|
return ;
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
if(urlPath.contains( ".svg")) {
|
|
|
|
|
|
|
|
response.setContentType("image/svg+xml");
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
inputStream=(url).openStream();
|
|
|
|
|
|
|
|
IOUtils.copy(inputStream, response.getOutputStream());
|
|
|
|
|
|
|
|
urlcon.disconnect();
|
|
|
|
|
|
|
|
}
|
|
|
|
} catch (IOException | GalimatiasParseException e) {
|
|
|
|
} catch (IOException | GalimatiasParseException e) {
|
|
|
|
logger.error("下载跨域pdf文件异常,url:{}", urlPath, e);
|
|
|
|
logger.error("读取跨域文件异常,url:{}", urlPath);
|
|
|
|
|
|
|
|
return ;
|
|
|
|
|
|
|
|
} finally {
|
|
|
|
|
|
|
|
IOUtils.closeQuietly(inputStream);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
|
|
|
URL url = WebUtils.normalizedURL(urlPath);
|
|
|
|
|
|
|
|
if(urlPath.contains(".svg")) {
|
|
|
|
|
|
|
|
response.setContentType("image/svg+xml");
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
inputStream = (url).openStream();
|
|
|
|
|
|
|
|
IOUtils.copy(inputStream, response.getOutputStream());
|
|
|
|
|
|
|
|
} catch (IOException | GalimatiasParseException e) {
|
|
|
|
|
|
|
|
logger.error("读取跨域文件异常,url:{}", urlPath);
|
|
|
|
|
|
|
|
return ;
|
|
|
|
|
|
|
|
} finally {
|
|
|
|
|
|
|
|
IOUtils.closeQuietly(inputStream);
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
@ -136,5 +178,4 @@ public class OnlinePreviewController {
|
|
|
|
cacheService.addQueueTask(url);
|
|
|
|
cacheService.addQueueTask(url);
|
|
|
|
return "success";
|
|
|
|
return "success";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|