Skip to content
Permalink
Browse files Browse the repository at this point in the history
标签页xss修复
  • Loading branch information
sanluan committed Sep 14, 2022
1 parent 1dd2f1d commit a972dc9
Showing 1 changed file with 9 additions and 13 deletions.
22 changes: 9 additions & 13 deletions publiccms-parent/publiccms/src/main/webapp/resource/js/dwz.min.js
Expand Up @@ -1942,15 +1942,11 @@ function initLink($p) {
$("a[target=navTab]", $p).each(function() {
$(this).click(function(event) {
var $this = $(this);
var title = $this.attr("title") || $this.text();
var title = $this.attr("title") || $this.text();
if(title){
title = title.replace(/<[^>]*>/gi,"");
}
var titleHtml = $this.attr("title") || $this.html();
var icon = $this.attr("icon");
if(icon){
titleHtml = icon + " " + titleHtml;
}
var icon = $this.attr("icon") || $this.find("i").prop("outerHTML");
var tabid = $this.attr("rel") || "_blank";
var fresh = eval($this.attr("fresh") || "true");
var external = eval($this.attr("external") || "false");
Expand All @@ -1962,7 +1958,7 @@ function initLink($p) {
return false;
}
navTab.openTab(tabid, url, {
title: title, titleHtml: titleHtml, fresh: fresh, external: external, focusNewWindow:newWindow
title: title, icon: icon, fresh: fresh, external: external, focusNewWindow:newWindow
});
return false;
});
Expand All @@ -1972,7 +1968,7 @@ function initLink($p) {
$("a[target=dialog]", $p).each(function() {
$(this).click(function(event) {
var $this = $(this);
var title = $this.attr("title") || $this.html();
var title = $this.attr("title") || $this.text();
var rel = $this.attr("rel") || "_blank";
var options = {};
var w = $this.attr("width");
Expand Down Expand Up @@ -2675,7 +2671,7 @@ var navTab = {
openTab: function(tabid, url, options) { // if found tabid replace tab,
// else create a new tab.
var op = $.extend({
title: "New Tab", titleHtml: "New Tab", data: {}, fresh: true, external: false, focusNewWindow:false
title: "New Tab", icon: "", data: {}, fresh: true, external: false, focusNewWindow:false
}, options);
var iOpenIndex = this._indexTabId(tabid);
if (iOpenIndex >= 0 && !op.focusNewWindow) {
Expand All @@ -2701,8 +2697,8 @@ var navTab = {
tabid += Math.round(Math.random() * 10000000);
}
this._getPanels().eq(this._currentIndex).after('<div class="page unitBox"></div>');
this._getTabs().eq(this._currentIndex).after($('<li tabid="' + tabid + '"><a href="javascript:;" class="close"><i class="icon-remove-sign"></i></a></li>').attr('tabid',tabid).append($('<a href="javascript:"></a>').attr('title',op.title).html(op.titleHtml)));
this._getMoreLi().eq(this._currentIndex).after($('<li></li>').append($('<a href="javascript:"></a>').attr('title',op.title).html(op.titleHtml)));
this._getTabs().eq(this._currentIndex).after($('<li><a href="javascript:;" class="close"><i class="icon-remove-sign"></i></a></li>').attr('tabid',tabid).prepend($('<a href="javascript:"></a>').attr('title',op.title).text(op.title).prepend(op.icon)));
this._getMoreLi().eq(this._currentIndex).after($('<li></li>').append($('<a href="javascript:"></a>').attr('title',op.title).text(op.title).prepend(op.icon)));
var $tabs = this._getTabs();
var $tab = $tabs.eq(this._currentIndex+1);
var $panel = this._getPanels().eq(this._currentIndex+1);
Expand Down Expand Up @@ -2992,7 +2988,7 @@ var navTab = {
}
if (op.fresh || url != dialog.data("url") ) {
dialog.data("url", url);
dialog.find(".dialogHeader").find("h1").html(title);
dialog.find(".dialogHeader").find("h1").text(title);
this.switchDialog(dialog);
var jDContent = dialog.find(".dialogContent");
jDContent.loadUrl(url, {}, function() {
Expand All @@ -3018,7 +3014,7 @@ var navTab = {
dialog.data("param", options.param);
}
( $.fn.bgiframe && dialog.bgiframe() );
dialog.find(".dialogHeader").find("h1").html(title);
dialog.find(".dialogHeader").find("h1").text(title);
dialog.css("zIndex", ( $.pdialog._zIndex += 2 ));
$.pdialog._init(dialog, options);
dialog.click(function() {
Expand Down

0 comments on commit a972dc9

Please sign in to comment.