修复模块显示安全性问题

2023-01-05 03:41:32 +08:00 · 2023-01-05 03:41:32 +08:00 · 28932babe3
commit 28932babe3
parent d1f07c80c7
1 changed files with 22 additions and 19 deletions
--- a/resources/views/components/module-script.blade.php
+++ b/resources/views/components/module-script.blade.php
@ -1,23 +1,26 @@
-{{--<span class="module_name" module="{{ $t->module_id }}">{{ $t->module_id }}</span>--}}
+@auth
-<script>
+    {{--<span class="module_name" module="{{ $t->module_id }}">{{ $t->module_id }}</span>--}}
-    let modules = {!! $modules !!},
+    <script>
-        display_name = "{{ config('app.display_name') }}"
+        let modules = {!! $modules !!},
            display_name = "{{ config('app.display_name') }}"
-    let m = {}
+        let m = {}
-    modules.forEach((module) => {
+        modules.forEach((module) => {
-        //    转换成 key value
+            //    转换成 key value
-        m[module.id] = module.name
+            m[module.id] = module.name
-    })
+        })
-    document.querySelectorAll('.module_name').forEach((node) => {
+        document.querySelectorAll('.module_name').forEach((node) => {
-        let module = node.getAttribute('module')
+            let module = node.getAttribute('module')
-        if (module == null || module === "") {
+            if (module == null || module === "") {
-            node.innerText = display_name
+                node.innerText = display_name
-        } else {
+            } else {
-            console.log(module)
+                console.log(module)
-            node.innerText = m[module] ?? '模块'
+                node.innerText = m[module] ?? '模块'
-        }
+            }
-    })
+        })
-</script>
+    </script>
@endauth