refactor:富文本内容默认对 XSS 代码进行清理

2024-11-21 22:55:36 +00:00 · 2023-08-02 15:47:33 +08:00 · 2023-08-02 15:47:33 +08:00 · e5edc6f750
commit e5edc6f750
parent 5b03f2bcbb
2 changed files with 2 additions and 2 deletions
--- a/app/admin/controller/crud/Crud.php
+++ b/app/admin/controller/crud/Crud.php
@ -742,7 +742,7 @@ class Crud extends Backend
    {
        if ($field['designType'] == 'editor') {
            $this->formVueData['bigDialog']     = 'true'; // form 使用较宽的 Dialog
-            $this->controllerData['filterRule'] = "\n" . Helper::tab(2) . '$this->request->filter(\'trim,htmlspecialchars\');';// 修改变量过滤规则
+            $this->controllerData['filterRule'] = "\n" . Helper::tab(2) . '$this->request->filter(\'clean_xss\');';// 修改变量过滤规则
        }

        // 默认排序字段
--- a/app/admin/controller/routine/Config.php
+++ b/app/admin/controller/routine/Config.php
@ -62,7 +62,7 @@ class Config extends Backend
        $all = $this->model->select();
        foreach ($all as $item) {
            if ($item['type'] == 'editor') {
-                $this->request->filter('trim,htmlspecialchars');
+                $this->request->filter('clean_xss');
                break;
            }
        }