Authored by 陈峰

editor-safe

1 -<template>  
2 - <editor v-bind="$attrs" v-on="$listeners"></editor>  
3 -</template>  
4 -  
5 -<script>  
6 -import xss from 'util/xss';  
7 -  
8 -export default {  
9 - name: 'editor-safe',  
10 - created() {  
11 - this.$listeners.change = this.change;  
12 - },  
13 - methods: {  
14 - change(val) {  
15 - let currentVal = val;  
16 -  
17 - val = xss.replaceScript(val);  
18 - this.$emit('change', val);  
19 - if (currentVal !== val) {  
20 - this.value = val;  
21 - this.$Message.error('输入内容有敏感字符,已自动清除');  
22 - }  
23 - }  
24 - }  
25 -};  
26 -</script>  
27 -  
28 -<style>  
29 -  
30 -</style>  
1 import Editor from './editor'; 1 import Editor from './editor';
2 -import EditorSafe from './editor-safe';  
3 2
4 export { 3 export {
5 - Editor,  
6 - EditorSafe 4 + Editor
7 }; 5 };
@@ -9,7 +9,7 @@ import LayoutTab from './layout-tab'; @@ -9,7 +9,7 @@ import LayoutTab from './layout-tab';
9 import LayoutFilter from './layout-filter'; 9 import LayoutFilter from './layout-filter';
10 import LayoutPrint from './layout-print'; 10 import LayoutPrint from './layout-print';
11 import ActionGroup from './action-group'; 11 import ActionGroup from './action-group';
12 -import {Editor, EditorSafe} from './editor'; 12 +import {Editor} from './editor';
13 import FileUpload from './file-upload'; 13 import FileUpload from './file-upload';
14 import DragFileUpload from './drag-file-upload'; 14 import DragFileUpload from './drag-file-upload';
15 import IFrame from './iframe'; 15 import IFrame from './iframe';
@@ -28,7 +28,6 @@ export default { @@ -28,7 +28,6 @@ export default {
28 LayoutPrint, 28 LayoutPrint,
29 ActionGroup, 29 ActionGroup,
30 Editor, 30 Editor,
31 - EditorSafe,  
32 FileUpload, 31 FileUpload,
33 DragFileUpload, 32 DragFileUpload,
34 IFrame, 33 IFrame,
@@ -19,7 +19,7 @@ @@ -19,7 +19,7 @@
19 </template> 19 </template>
20 20
21 <script> 21 <script>
22 -import cache from 'cache'; 22 +import cache from 'util/cache';
23 23
24 export default { 24 export default {
25 name: 'layout', 25 name: 'layout',
@@ -118,7 +118,7 @@ @@ -118,7 +118,7 @@
118 118
119 <Row> 119 <Row>
120 <Col> 120 <Col>
121 - <editor-safe :content="desc" :z-index="2" @change="updateProductDesc"></editor-safe> 121 + <editor :content="desc" :z-index="2" @change="updateProductDesc"></editor>
122 </Col> 122 </Col>
123 </Row> 123 </Row>
124 124
@@ -218,7 +218,7 @@ @@ -218,7 +218,7 @@
218 </template> 218 </template>
219 219
220 <script> 220 <script>
221 - 221 +import xss from 'xss';
222 import ProductCreateService from 'services/product/product-create-service'; 222 import ProductCreateService from 'services/product/product-create-service';
223 import {step3} from '../store'; 223 import {step3} from '../store';
224 224
@@ -272,7 +272,7 @@ export default { @@ -272,7 +272,7 @@ export default {
272 let result = { 272 let result = {
273 productSkn: this.product.productSkn, 273 productSkn: this.product.productSkn,
274 id: this.product.productId, 274 id: this.product.productId,
275 - productIntro: this.desc, 275 + productIntro: xss(this.desc),
276 goodsImagesReqStr: JSON.stringify(this.handleImage()), 276 goodsImagesReqStr: JSON.stringify(this.handleImage()),
277 productStandardRelationStr: JSON.stringify(this.handleRelation()), 277 productStandardRelationStr: JSON.stringify(this.handleRelation()),
278 attributeProValuesOne: JSON.stringify(this.handleOne()), 278 attributeProValuesOne: JSON.stringify(this.handleOne()),
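Review bot: `productIntro: xss(this.desc)` filters the description only in the browser, while the request body is being built, so the stored value is clean only for requests that pass through this component. The service that accepts `productIntro` should apply the same allow-list, or the pages that render it should sanitize on output. The same holds for `newProduct.productIntro = xss(this.product.productIntro)` and `shopIntro: xss(this.shopData.shopIntro)` in the later sections. A comment at each call site would make the limit explicit, for example `// client-side filter only; the API must sanitize this field again`. `xss()` is also called with its default allow-list, which may drop or escape markup the rich-text editor emits (inline `style`, for instance), so a shared configured filter would keep the three call sites consistent. The enclosing method starts and ends outside the hunk.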
@@ -81,9 +81,9 @@ @@ -81,9 +81,9 @@
81 <div class="create-item-title">商品描述 81 <div class="create-item-title">商品描述
82 <span class="create-group-sub-title">(详情页内容)</span> 82 <span class="create-group-sub-title">(详情页内容)</span>
83 </div> 83 </div>
84 - <editor-safe :content="product.productIntro" 84 + <editor :content="product.productIntro"
85 @change="updateProductDesc" 85 @change="updateProductDesc"
86 - :z-index="2"></editor-safe> 86 + :z-index="2"></editor>
87 <div class="create-item-title">商品属性 87 <div class="create-item-title">商品属性
88 <span class="create-group-sub-title">(请认真选择所列的属性项,所填内容会对商品搜索、智能推荐等功能产生影响,从而影响商品曝光展示)</span> 88 <span class="create-group-sub-title">(请认真选择所列的属性项,所填内容会对商品搜索、智能推荐等功能产生影响,从而影响商品曝光展示)</span>
89 </div> 89 </div>
@@ -120,7 +120,7 @@ @@ -120,7 +120,7 @@
120 </template> 120 </template>
121 <script> 121 <script>
122 import _ from 'lodash'; 122 import _ from 'lodash';
123 - 123 +import xss from 'xss';
124 import ProductCreateService from 'services/product/product-create-service'; 124 import ProductCreateService from 'services/product/product-create-service';
125 import ProductService from 'services/product/product-service'; 125 import ProductService from 'services/product/product-service';
126 import {edit} from './store'; 126 import {edit} from './store';
@@ -496,7 +496,7 @@ export default { @@ -496,7 +496,7 @@ export default {
496 newProduct.attributeProValuesTwo = 496 newProduct.attributeProValuesTwo =
497 JSON.stringify(this.productCreateService.handleValue(this.product.productSkn, this.model.attributeProValuesTwo)); 497 JSON.stringify(this.productCreateService.handleValue(this.product.productSkn, this.model.attributeProValuesTwo));
498 newProduct.productMaterial = this.product.materialList.map(s => s.id).join(','); 498 newProduct.productMaterial = this.product.materialList.map(s => s.id).join(',');
499 - newProduct.productIntro = this.product.productIntro; 499 + newProduct.productIntro = xss(this.product.productIntro);
500 500
501 return newProduct; 501 return newProduct;
502 }, 502 },
@@ -24,8 +24,8 @@ @@ -24,8 +24,8 @@
24 <em class="upload-img-tip">尺寸要求150px*150px&nbsp;&nbsp;不大于500KB</em> 24 <em class="upload-img-tip">尺寸要求150px*150px&nbsp;&nbsp;不大于500KB</em>
25 </Form-item> 25 </Form-item>
26 <Form-item label="店铺简介:"> 26 <Form-item label="店铺简介:">
27 - <editor-safe :content="shopData.shopIntro" @change="updateData" :z-index="2">  
28 - </editor-safe> 27 + <editor :content="shopData.shopIntro" @change="updateData" :z-index="2">
  28 + </editor>
29 </Form-item> 29 </Form-item>
30 <Form-item label="品牌-供应商:"> 30 <Form-item label="品牌-供应商:">
31 <Table :columns="tableCols" width="700" :data="tableData"></Table> 31 <Table :columns="tableCols" width="700" :data="tableData"></Table>
@@ -38,7 +38,7 @@ @@ -38,7 +38,7 @@
38 </template> 38 </template>
39 39
40 <script> 40 <script>
41 - 41 + import xss from 'xss';
42 import ShopService from 'services/shop/shop-service'; 42 import ShopService from 'services/shop/shop-service';
43 43
44 const SHOPNATURE = { 44 const SHOPNATURE = {
@@ -100,7 +100,7 @@ @@ -100,7 +100,7 @@
100 shopRelationList: this.shopData.shopRelationList, 100 shopRelationList: this.shopData.shopRelationList,
101 shopsId: this.shopData.shopsId, 101 shopsId: this.shopData.shopsId,
102 shopsType: this.shopData.shopsType, 102 shopsType: this.shopData.shopsType,
103 - shopIntro: this.shopData.shopIntro 103 + shopIntro: xss(this.shopData.shopIntro)
104 }; 104 };
105 105
106 return result; 106 return result;
1 import axios from 'axios'; 1 import axios from 'axios';
2 import settle from 'axios/lib/core/settle'; 2 import settle from 'axios/lib/core/settle';
3 -import cache from 'cache'; 3 +import cache from 'util/cache';
4 import crypto from 'util/crypto'; 4 import crypto from 'util/crypto';
5 5
6 export default { 6 export default {
@@ -22,8 +22,8 @@ @@ -22,8 +22,8 @@
22 </div> 22 </div>
23 </Form-item> 23 </Form-item>
24 <Form-item label="简介:" prop="intro"> 24 <Form-item label="简介:" prop="intro">
25 - <editor-safe :content="modelData.intro" @change="editorChange" :z-index="2">  
26 - </editor-safe> 25 + <editor :content="modelData.intro" @change="editorChange" :z-index="2">
  26 + </editor>
27 </Form-item> 27 </Form-item>
28 <Form-item> 28 <Form-item>
29 <Button type="primary" @click="submit">保存</Button> 29 <Button type="primary" @click="submit">保存</Button>
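Review bot: The `modelData.intro` editor loses its `editor-safe` wrapper here, but no visible hunk in this section adds an `xss()` call for the field, unlike the product and shop forms changed in this commit. Unless the `submit` handler (outside the hunk) or the server already filters it, the introduction is now sent unfiltered. The fix would be `import xss from 'xss';` in the script block and something like `intro: xss(this.modelData.intro)` where the request payload is built; the payload shape is not visible here, so the field name is a guess.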
@@ -46,10 +46,6 @@ module.exports = { @@ -46,10 +46,6 @@ module.exports = {
46 }, 46 },
47 modules: [ 47 modules: [
48 resolve(''), 48 resolve(''),
49 - resolve('scss'),  
50 - resolve('config'),  
51 - resolve('services'),  
52 - resolve('util'),  
53 'node_modules' 49 'node_modules'
54 ] 50 ]
55 }, 51 },
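Review bot: `resolve('')` still precedes `'node_modules'` in `modules`, so a bare import is presumably looked up in the project directory first and a local file or directory named like a package would shadow it silently. The removed `resolve('util')` entry together with the old `util/xss` module and the new `xss` dependency appears to be exactly that case. A comment on the list would document the ordering, for example `// project sources are searched before node_modules: never name a local module after an npm package`. The surrounding `module.exports` object starts and ends outside the hunk.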
@@ -71,6 +71,7 @@ @@ -71,6 +71,7 @@
71 "vue-router": "^2.7.0", 71 "vue-router": "^2.7.0",
72 "vue-template-compiler": "^2.4.2", 72 "vue-template-compiler": "^2.4.2",
73 "xlsx2json": "^1.0.0", 73 "xlsx2json": "^1.0.0",
  74 + "xss": "^0.3.3",
74 "yoho-cookie": "^1.2.0", 75 "yoho-cookie": "^1.2.0",
75 "yoho-node-lib": "^0.2.18", 76 "yoho-node-lib": "^0.2.18",
76 "yoho-store": "^1.3.20" 77 "yoho-store": "^1.3.20"
@@ -1767,6 +1767,10 @@ cssesc@^0.1.0: @@ -1767,6 +1767,10 @@ cssesc@^0.1.0:
1767 version "0.1.0" 1767 version "0.1.0"
1768 resolved "http://npm.yoho.cn/cssesc/-/cssesc-0.1.0.tgz#c814903e45623371a0477b40109aaafbeeaddbb4" 1768 resolved "http://npm.yoho.cn/cssesc/-/cssesc-0.1.0.tgz#c814903e45623371a0477b40109aaafbeeaddbb4"
1769 1769
  1770 +cssfilter@0.0.9:
  1771 + version "0.0.9"
  1772 + resolved "http://npm.yoho.cn/cssfilter/-/cssfilter-0.0.9.tgz#8f5ceb3aabd768db539da4582b2152d63ef7715e"
  1773 +
1770 "cssnano@>=2.6.1 <4", cssnano@^3.4.0: 1774 "cssnano@>=2.6.1 <4", cssnano@^3.4.0:
1771 version "3.10.0" 1775 version "3.10.0"
1772 resolved "http://npm.yoho.cn/cssnano/-/cssnano-3.10.0.tgz#4f38f6cea2b9b17fa01490f23f1dc68ea65c1c38" 1776 resolved "http://npm.yoho.cn/cssnano/-/cssnano-3.10.0.tgz#4f38f6cea2b9b17fa01490f23f1dc68ea65c1c38"
@@ -6972,6 +6976,13 @@ xss-filters@^1.2.6: @@ -6972,6 +6976,13 @@ xss-filters@^1.2.6:
6972 version "1.2.7" 6976 version "1.2.7"
6973 resolved "http://npm.yoho.cn/xss-filters/-/xss-filters-1.2.7.tgz#59fa1de201f36f2f3470dcac5f58ccc2830b0a9a" 6977 resolved "http://npm.yoho.cn/xss-filters/-/xss-filters-1.2.7.tgz#59fa1de201f36f2f3470dcac5f58ccc2830b0a9a"
6974 6978
  6979 +xss@^0.3.3:
  6980 + version "0.3.3"
  6981 + resolved "http://npm.yoho.cn/xss/-/xss-0.3.3.tgz#a014360dee10317331f9e74258141f7ed03fc784"
  6982 + dependencies:
  6983 + commander "^2.9.0"
  6984 + cssfilter "0.0.9"
  6985 +
6975 "xtend@>=4.0.0 <4.1.0-0", xtend@^4.0.0: 6986 "xtend@>=4.0.0 <4.1.0-0", xtend@^4.0.0:
6976 version "4.0.1" 6987 version "4.0.1"
6977 resolved "http://npm.yoho.cn/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af" 6988 resolved "http://npm.yoho.cn/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af"