From 03c3e3cfc1262e26a218a4b8340c0a53ca3065c6 Mon Sep 17 00:00:00 2001
From: zhou zhou <3272660260@qq.com>
Date: 星期四, 09 四月 2026 13:37:08 +0800
Subject: [PATCH] #logo和高危修复
---
rsf-server/src/main/java/com/vincent/rsf/server/system/controller/ProjectLogoController.java | 23 ++++++++++++++++++++++-
1 files changed, 22 insertions(+), 1 deletions(-)
diff --git a/rsf-server/src/main/java/com/vincent/rsf/server/system/controller/ProjectLogoController.java b/rsf-server/src/main/java/com/vincent/rsf/server/system/controller/ProjectLogoController.java
index dff5dee..dfa2f2b 100644
--- a/rsf-server/src/main/java/com/vincent/rsf/server/system/controller/ProjectLogoController.java
+++ b/rsf-server/src/main/java/com/vincent/rsf/server/system/controller/ProjectLogoController.java
@@ -81,7 +81,12 @@
.eq(Config::getFlag, flag)
.eq(Config::getStatus, StatusType.ENABLE.val)
.last("limit 1"));
- return R.ok().add(configs.stream().findFirst().orElse(null));
+
+ Config config = configs.stream().findFirst().orElse(null);
+ if (config != null && PROJECT_LOGO_FLAG.equals(flag)) {
+ config.setVal(resolveProjectLogoValue(config.getVal()));
+ }
+ return R.ok().add(config);
}
@PreAuthorize("hasAnyAuthority('system:config:save','system:config:update')")
@@ -155,6 +160,22 @@
return resolvedPath;
}
+ private String resolveProjectLogoValue(String value) {
+ if (!StringUtils.hasText(value)) {
+ return "";
+ }
+ int pathIndex = value.indexOf("?path=");
+ if (pathIndex < 0) {
+ return value;
+ }
+ String relativePath = value.substring(pathIndex + 6);
+ if (!StringUtils.hasText(relativePath)) {
+ return "";
+ }
+ File file = resolveLogoPath(relativePath).toFile();
+ return file.exists() && file.isFile() ? value : "";
+ }
+
private String resolveImageContentType(String fileName) {
String normalizedName = StringUtils.hasText(fileName) ? fileName.toLowerCase(Locale.ROOT) : "";
if (normalizedName.endsWith(".png")) {
--
Gitblit v1.9.1