修复模块显示安全性问题

2023-01-05 03:41:32 +08:00 · 2023-01-05 03:41:32 +08:00 · 28932babe3
commit 28932babe3
parent d1f07c80c7
1 changed files with 22 additions and 19 deletions
--- a/resources/views/components/module-script.blade.php
+++ b/resources/views/components/module-script.blade.php
@ -1,23 +1,26 @@
-{{--<span class="module_name" module="{{ $t->module_id }}">{{ $t->module_id }}</span>--}}
-<script>
-    let modules = {!! $modules !!},
-        display_name = "{{ config('app.display_name') }}"
+@auth
+    {{--<span class="module_name" module="{{ $t->module_id }}">{{ $t->module_id }}</span>--}}
+    <script>
+        let modules = {!! $modules !!},
+            display_name = "{{ config('app.display_name') }}"

-    let m = {}
-    modules.forEach((module) => {
-        //    转换成 key value
-        m[module.id] = module.name
+        let m = {}
+        modules.forEach((module) => {
+            //    转换成 key value
+            m[module.id] = module.name

-    })
+        })

-    document.querySelectorAll('.module_name').forEach((node) => {
-        let module = node.getAttribute('module')
+        document.querySelectorAll('.module_name').forEach((node) => {
+            let module = node.getAttribute('module')

-        if (module == null || module === "") {
-            node.innerText = display_name
-        } else {
-            console.log(module)
-            node.innerText = m[module] ?? '模块'
-        }
-    })
-</script>
+            if (module == null || module === "") {
+                node.innerText = display_name
+            } else {
+                console.log(module)
+                node.innerText = m[module] ?? '模块'
+            }
+        })
+    </script>
+
+@endauth