mirror of
https://github.com/yangzongzhuan/RuoYi.git
synced 2026-01-18 16:34:59 +00:00
修改Thymeleaf变量,防止SSTI RCE风险
This commit is contained in:
RuoYi
@@ -273,7 +273,7 @@ public class DemoFormController
|
|||||||
* @param taskName 任务名称
|
* @param taskName 任务名称
|
||||||
*/
|
*/
|
||||||
@PostMapping("/localrefresh/task")
|
@PostMapping("/localrefresh/task")
|
||||||
public String localRefreshTask(String fragment, String taskName, ModelMap mmap)
|
public String localRefreshTask(String taskName, ModelMap mmap)
|
||||||
{
|
{
|
||||||
JSONArray list = new JSONArray();
|
JSONArray list = new JSONArray();
|
||||||
JSONObject item = new JSONObject();
|
JSONObject item = new JSONObject();
|
||||||
@@ -287,7 +287,7 @@ public class DemoFormController
|
|||||||
item.put("date", "2018.06.12");
|
item.put("date", "2018.06.12");
|
||||||
list.add(item);
|
list.add(item);
|
||||||
mmap.put("tasks", list);
|
mmap.put("tasks", list);
|
||||||
return prefix + "/localrefresh::" + fragment;
|
return prefix + "/localrefresh::fragment-tasklist";
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -36,29 +36,29 @@ public class CacheController extends BaseController
|
|||||||
|
|
||||||
@RequiresPermissions("monitor:cache:view")
|
@RequiresPermissions("monitor:cache:view")
|
||||||
@PostMapping("/getNames")
|
@PostMapping("/getNames")
|
||||||
public String getCacheNames(String fragment, ModelMap mmap)
|
public String getCacheNames(ModelMap mmap)
|
||||||
{
|
{
|
||||||
mmap.put("cacheNames", cacheService.getCacheNames());
|
mmap.put("cacheNames", cacheService.getCacheNames());
|
||||||
return prefix + "/cache::" + fragment;
|
return prefix + "/cache::fragment-cache-names";
|
||||||
}
|
}
|
||||||
|
|
||||||
@RequiresPermissions("monitor:cache:view")
|
@RequiresPermissions("monitor:cache:view")
|
||||||
@PostMapping("/getKeys")
|
@PostMapping("/getKeys")
|
||||||
public String getCacheKeys(String fragment, String cacheName, ModelMap mmap)
|
public String getCacheKeys(String cacheName, ModelMap mmap)
|
||||||
{
|
{
|
||||||
mmap.put("cacheName", cacheName);
|
mmap.put("cacheName", cacheName);
|
||||||
mmap.put("cacheKeys", cacheService.getCacheKeys(cacheName));
|
mmap.put("cacheKeys", cacheService.getCacheKeys(cacheName));
|
||||||
return prefix + "/cache::" + fragment;
|
return prefix + "/cache::fragment-cache-kyes";
|
||||||
}
|
}
|
||||||
|
|
||||||
@RequiresPermissions("monitor:cache:view")
|
@RequiresPermissions("monitor:cache:view")
|
||||||
@PostMapping("/getValue")
|
@PostMapping("/getValue")
|
||||||
public String getCacheValue(String fragment, String cacheName, String cacheKey, ModelMap mmap)
|
public String getCacheValue(String cacheName, String cacheKey, ModelMap mmap)
|
||||||
{
|
{
|
||||||
mmap.put("cacheName", cacheName);
|
mmap.put("cacheName", cacheName);
|
||||||
mmap.put("cacheKey", cacheKey);
|
mmap.put("cacheKey", cacheKey);
|
||||||
mmap.put("cacheValue", cacheService.getCacheValue(cacheName, cacheKey));
|
mmap.put("cacheValue", cacheService.getCacheValue(cacheName, cacheKey));
|
||||||
return prefix + "/cache::" + fragment;
|
return prefix + "/cache::fragment-cache-value";
|
||||||
}
|
}
|
||||||
|
|
||||||
@RequiresPermissions("monitor:cache:view")
|
@RequiresPermissions("monitor:cache:view")
|
||||||
|
|||||||
@@ -48,8 +48,7 @@
|
|||||||
type: "post",
|
type: "post",
|
||||||
url: ctx + "demo/form/localrefresh/task",
|
url: ctx + "demo/form/localrefresh/task",
|
||||||
data: {
|
data: {
|
||||||
"taskName": $("#task-name").val(),
|
"taskName": $("#task-name").val()
|
||||||
"fragment":'fragment-tasklist'
|
|
||||||
},
|
},
|
||||||
success: function(data) {
|
success: function(data) {
|
||||||
$("#tasklist").html(data);
|
$("#tasklist").html(data);
|
||||||
|
|||||||
@@ -105,9 +105,6 @@ function getCacheNames() {
|
|||||||
$.ajax({
|
$.ajax({
|
||||||
type: "post",
|
type: "post",
|
||||||
url: prefix + "/getNames",
|
url: prefix + "/getNames",
|
||||||
data: {
|
|
||||||
"fragment": 'fragment-cache-names'
|
|
||||||
},
|
|
||||||
success: function(data) {
|
success: function(data) {
|
||||||
$("#cacheNames").html(data);
|
$("#cacheNames").html(data);
|
||||||
$.modal.msgSuccess("刷新缓存列表成功");
|
$.modal.msgSuccess("刷新缓存列表成功");
|
||||||
@@ -121,8 +118,7 @@ function getCacheKeys(cacheName, isMsg) {
|
|||||||
type: "post",
|
type: "post",
|
||||||
url: prefix + "/getKeys",
|
url: prefix + "/getKeys",
|
||||||
data: {
|
data: {
|
||||||
"cacheName": _cacheName,
|
"cacheName": _cacheName
|
||||||
"fragment": 'fragment-cache-kyes'
|
|
||||||
},
|
},
|
||||||
success: function(data) {
|
success: function(data) {
|
||||||
$("#cacheKeys").html(data);
|
$("#cacheKeys").html(data);
|
||||||
@@ -140,8 +136,7 @@ function getCacheValue(cacheName, cacheKey) {
|
|||||||
url: prefix + "/getValue",
|
url: prefix + "/getValue",
|
||||||
data: {
|
data: {
|
||||||
"cacheName": cacheName,
|
"cacheName": cacheName,
|
||||||
"cacheKey": cacheKey,
|
"cacheKey": cacheKey
|
||||||
"fragment": 'fragment-cache-value'
|
|
||||||
},
|
},
|
||||||
success: function(data) {
|
success: function(data) {
|
||||||
$("#cacheValue").html(data);
|
$("#cacheValue").html(data);
|
||||||
|
|||||||
Reference in New Issue
Block a user