gitee
/
file-online-preview
mirror of https://gitee.com/kekingcn/file-online-preview
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

修复getCorsFile接口未加base64编码(filter中解码异常)

pull/49/MERGE
陈精华 2 years ago
parent
acffcbfe98
commit
dd65564af6
2 changed files with 8 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      server/src/main/java/cn/keking/web/controller/OnlinePreviewController.java
  2. 4
      server/src/main/resources/web/pdf.ftl

6
server/src/main/java/cn/keking/web/controller/OnlinePreviewController.java
Unescape View File

@ -106,6 +106,12 @@ public class OnlinePreviewController {
*/ */
@RequestMapping(value = "/getCorsFile", method = RequestMethod.GET) @RequestMapping(value = "/getCorsFile", method = RequestMethod.GET)
public void getCorsFile(String urlPath, HttpServletResponse response) { public void getCorsFile(String urlPath, HttpServletResponse response) {
try {
urlPath = new String(Base64.decodeBase64(urlPath), StandardCharsets.UTF_8);
} catch (Exception ex) {
logger.error(String.format(BASE64_DECODE_ERROR_MSG, urlPath, ex));
return;
}
if (urlPath == null || urlPath.toLowerCase().startsWith("file:") || urlPath.toLowerCase().startsWith("file%3") || !urlPath.toLowerCase().startsWith("http")) { if (urlPath == null || urlPath.toLowerCase().startsWith("file:") || urlPath.toLowerCase().startsWith("file%3") || !urlPath.toLowerCase().startsWith("http")) {
logger.info("读取跨域文件异常,可能存在非法访问,urlPath:{}", urlPath); logger.info("读取跨域文件异常,可能存在非法访问,urlPath:{}", urlPath);
return; return;

4
server/src/main/resources/web/pdf.ftl
Unescape View File

@ -25,7 +25,7 @@
var url = '${finalUrl}'; var url = '${finalUrl}';
var baseUrl = '${baseUrl}'.endsWith('/') ? '${baseUrl}' : '${baseUrl}' + '/'; var baseUrl = '${baseUrl}'.endsWith('/') ? '${baseUrl}' : '${baseUrl}' + '/';
if (!url.startsWith(baseUrl)) { if (!url.startsWith(baseUrl)) {
url = baseUrl + 'getCorsFile?urlPath=' + encodeURIComponent(url); url = baseUrl + 'getCorsFile?urlPath=' + encodeURIComponent(Base64.encode(url));
} }
document.getElementsByTagName('iframe')[0].src = "${baseUrl}pdfjs/web/viewer.html?file=" + encodeURIComponent(url) + "&disablepresentationmode=${pdfPresentationModeDisable}&disableopenfile=${pdfOpenFileDisable}&disableprint=${pdfPrintDisable}&disabledownload=${pdfDownloadDisable}&disablebookmark=${pdfBookmarkDisable}"; document.getElementsByTagName('iframe')[0].src = "${baseUrl}pdfjs/web/viewer.html?file=" + encodeURIComponent(url) + "&disablepresentationmode=${pdfPresentationModeDisable}&disableopenfile=${pdfOpenFileDisable}&disableprint=${pdfPrintDisable}&disabledownload=${pdfDownloadDisable}&disablebookmark=${pdfBookmarkDisable}";
document.getElementsByTagName('iframe')[0].height = document.documentElement.clientHeight - 10; document.getElementsByTagName('iframe')[0].height = document.documentElement.clientHeight - 10;
@ -52,4 +52,4 @@
initWaterMark(); initWaterMark();
} }
</script> </script>
</html> </html>

Write Preview
Loading…
Cancel
Save