diff --git a/.gitignore b/.gitignore index 7f9ea881f..dc8aacb74 100644 --- a/.gitignore +++ b/.gitignore @@ -29,3 +29,6 @@ nbdist/ server/src/main/cache/ server/src/main/file/ +### temp files ### +__pycache__/ +*.dmp \ No newline at end of file diff --git a/server/src/main/config/application.properties b/server/src/main/config/application.properties index 251f5d691..bbe64cdba 100644 --- a/server/src/main/config/application.properties +++ b/server/src/main/config/application.properties @@ -2,6 +2,7 @@ server.port = ${KK_SERVER_PORT:8012} server.servlet.context-path= ${KK_CONTEXT_PATH:/} server.servlet.encoding.charset = utf-8 +server.forward-headers-strategy=NATIVE #启用GZIP压缩功能 server.compression.enabled = true #允许压缩的响应缓冲区最小字节数,默认2048 diff --git a/server/src/main/java/cn/keking/web/filter/BaseUrlFilter.java b/server/src/main/java/cn/keking/web/filter/BaseUrlFilter.java index f7a0ee8e3..1a356ca35 100644 --- a/server/src/main/java/cn/keking/web/filter/BaseUrlFilter.java +++ b/server/src/main/java/cn/keking/web/filter/BaseUrlFilter.java @@ -48,7 +48,9 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha baseUrl = configBaseUrl; } else { //3、默认动态拼接 baseUrl - baseUrl = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + String port = (("https".equals(request.getScheme()) && request.getServerPort() == 443)) || ("http".equals(request.getScheme()) && request.getServerPort() == 80) + ? "" : ":" + request.getServerPort(); + baseUrl = request.getScheme() + "://" + request.getServerName() + port + servletRequest.getContextPath() + "/"; } diff --git a/server/src/main/java/cn/keking/web/filter/TrustHostFilter.java b/server/src/main/java/cn/keking/web/filter/TrustHostFilter.java index e40120471..ac52407a2 100644 --- a/server/src/main/java/cn/keking/web/filter/TrustHostFilter.java +++ b/server/src/main/java/cn/keking/web/filter/TrustHostFilter.java @@ -13,6 +13,7 @@ import javax.servlet.ServletResponse; import org.apache.commons.collections4.CollectionUtils; +import org.apache.commons.lang3.StringUtils; import org.springframework.core.io.ClassPathResource; import org.springframework.util.FileCopyUtils; @@ -51,11 +52,19 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha } public boolean isNotTrustHost(String host) { - if (CollectionUtils.isNotEmpty(ConfigConstants.getNotTrustHostSet())) { - return ConfigConstants.getNotTrustHostSet().contains(host); - } - if (CollectionUtils.isNotEmpty(ConfigConstants.getTrustHostSet())) { - return !ConfigConstants.getTrustHostSet().contains(host); + while(StringUtils.isNotBlank(host)){ + if (CollectionUtils.isNotEmpty(ConfigConstants.getNotTrustHostSet()) && ConfigConstants.getNotTrustHostSet().contains(host)) { + return true; + } + if (CollectionUtils.isNotEmpty(ConfigConstants.getTrustHostSet()) && ConfigConstants.getTrustHostSet().contains(host)) { + return false; + } + //try sub domain + if (host.contains(".")) { + host = host.substring(host.indexOf(".")+1); + } else { + return false; + } } return false; } diff --git a/server/src/main/resources/web/fileNotSupported.ftl b/server/src/main/resources/web/fileNotSupported.ftl index 78a3d5e46..23f2a8de5 100644 --- a/server/src/main/resources/web/fileNotSupported.ftl +++ b/server/src/main/resources/web/fileNotSupported.ftl @@ -33,12 +33,26 @@
- + - 该(${fileType})文件,系统暂不支持在线预览,具体原因如下: + 该(${fileType})文件,系统暂不支持在线预览,具体原因如下:

${msg}

 + + 你可以 下载 文件(  )本地查看。 +

有任何疑问,请加入kk开源社区知识星球咨询:https://t.zsxq.com/09ZHSXbsQ

+ diff --git a/server/src/main/resources/web/main/index.ftl b/server/src/main/resources/web/main/index.ftl index c4ebb5f7d..69de3aa62 100644 --- a/server/src/main/resources/web/main/index.ftl +++ b/server/src/main/resources/web/main/index.ftl @@ -245,7 +245,7 @@ + '|' // 允许IP和DOMAIN(域名) + '(localhost)|' //匹配localhost + '([\\w_!~*\'()-]+\\.)*' // 域名- 至少一个[英文或数字_!~*\'()-]加上. - + '\\w+\\.' // 一级域名 -英文或数字 加上. + + '[\\w_-]+\\.' // 一级域名 -_英文或数字 加上. + '[a-zA-Z]{1,6})' // 顶级域名- 1-6位英文 + '(:[0-9]{1,5})?' // 端口- :80 ,1-5位数字 + '((/?)|' // url无参数结尾 - 斜杆或这没有 diff --git a/server/src/main/resources/web/main/integrated.ftl b/server/src/main/resources/web/main/integrated.ftl index 5ca111507..e7a6f8d8f 100644 --- a/server/src/main/resources/web/main/integrated.ftl +++ b/server/src/main/resources/web/main/integrated.ftl @@ -32,7 +32,7 @@ <#-- 接入说明 -->

接入说明

- 本文档针对前端项目接入 kkFileView 的说明,并假设 kkFileView 的服务地址为:http://127.0.0.1:8012。 + 本文档针对前端项目接入 kkFileView 的说明,并假设 kkFileView 的服务地址为:${baseUrl}。
@@ -40,7 +40,7 @@ 【http/https 资源文件预览】如果你的项目需要接入文件预览项目,达到对docx、excel、ppt、jpg等文件的预览效果,那么通过在你的项目中加入下面的代码就可以成功实现:

var url = 'http://127.0.0.1:8080/file/test.txt'; //要预览文件的访问地址
- window.open('http://127.0.0.1:8012/onlinePreview?url='+encodeURIComponent(base64Encode(url))); + window.open('${baseUrl}onlinePreview?url='+encodeURIComponent(base64Encode(url)));


@@ -49,7 +49,7 @@

var originUrl = 'http://127.0.0.1:8080/filedownload?fileId=1'; //要预览文件的访问地址
var previewUrl = originUrl + '&fullfilename=test.txt'
- window.open('http://127.0.0.1:8012/onlinePreview?url='+encodeURIComponent(Base64.encode(previewUrl))); + window.open('${baseUrl}onlinePreview?url='+encodeURIComponent(Base64.encode(previewUrl)));


@@ -57,7 +57,7 @@ 【ftp 资源文件预览】如果要预览的FTP url是可以匿名访问的(不需要用户名密码),则可以直接通过下载url预览,示例如下

var url = 'ftp://127.0.0.1/file/test.txt'; //要预览文件的访问地址
- window.open('http://127.0.0.1:8012/onlinePreview?url='+encodeURIComponent(Base64.encode(url))); + window.open('${baseUrl}onlinePreview?url='+encodeURIComponent(Base64.encode(url)));


@@ -66,7 +66,7 @@

var originUrl = 'ftp://127.0.0.1/file/test.txt'; //要预览文件的访问地址
var previewUrl = originUrl + '?ftp.username=xx&ftp.password=xx&ftp.control.encoding=xx';
- window.open('http://127.0.0.1:8012/onlinePreview?url='+encodeURIComponent(Base64.encode(previewUrl))); + window.open('${baseUrl}onlinePreview?url='+encodeURIComponent(Base64.encode(previewUrl)));