Skip to content

Commit

Permalink
update to v1.0.33-release
Browse files Browse the repository at this point in the history
  • Loading branch information
KOHGYLW committed May 18, 2020
1 parent 7e44880 commit 2a81d74
Show file tree
Hide file tree
Showing 8 changed files with 38 additions and 29 deletions.
4 changes: 2 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -77,9 +77,9 @@ _注:kift为该功能的开发名称,其实际成果命名为kiftd。_

> 提示:当您更新版本后,请手动清除浏览器的缓存,之后刷新网盘主页以确保数据文件保持最新!否则可能导致新版页面功能无法使用。
### 常规更新v1.0.32
### 常规更新v1.0.33
_本次更新为维护性的更新,修复一些已经发现的问题并优化使用体验,推荐所有用户升级。_
+ 修复了当文件名中含有空格时,Firefox浏览器无法以正确的文件名进行下载的问题
+ 升级了内置的图片预览插件,并修复了一个存在于“图片预览”功能中的安全性漏洞
+ 进一步完善了文件系统。


Expand Down
Binary file not shown.
Binary file modified kiftd说明文档.pdf
Binary file not shown.
6 changes: 3 additions & 3 deletions webContext/css/viewer.min.css

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion webContext/home.html
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
<!doctype html>
<!-- 青阳网络文件传输系统 kiftd v1.0.32-RELEASE -->
<!-- 青阳网络文件传输系统 kiftd v1.0.33-RELEASE -->
<!-- 欢迎访问主界面 -->
<!-- by 青阳龙野([email protected]) -->
<html>
Expand Down
43 changes: 26 additions & 17 deletions webContext/js/home.js
Original file line number Diff line number Diff line change
Expand Up @@ -988,8 +988,7 @@ function showFolderTable(folderView) {

// 根据一个文件对象生成对应的文件行的HTML内容
function createFileRow(fi, aL, aD, aR, aO) {
fi.fileName = fi.fileName.replace(/\'/g, '&#39;').replace(/</g, '&lt;')
.replace(/>/g, '&gt;');
fi.fileName = html2Escape(fi.fileName);
var fileRow = "<tr id=" + fi.fileId + " onclick='checkfile(event," + '"'
+ fi.fileId + '"' + ")' ondblclick='checkConsFile(event," + '"'
+ fi.fileId + '"' + ")' id='" + fi.fileId
Expand Down Expand Up @@ -1146,8 +1145,7 @@ function createFileRow(fi, aL, aD, aR, aO) {

// 根据一个文件夹对象生成对应的文件行的HTML内容
function createNewFolderRow(f, aD, aR, aO) {
f.folderName = f.folderName.replace(/\'/g, '&#39;').replace(/</g, '&lt;')
.replace(/>/g, '&gt;');
f.folderName = html2Escape(f.folderName);
var folderRow = "<tr id='"
+ f.folderId
+ "' onclick='checkfile(event,"
Expand Down Expand Up @@ -1600,10 +1598,8 @@ function doupload(count) {
$("#filecount").text("(" + count + "/" + fcount + ")");// 显示当前进度
}
$("#uploadstatus").prepend(
"<p>"
+ fname.replace(/\'/g, '&#39;').replace(/</g, '&lt;')
.replace(/>/g, '&gt;') + "<span id='uls_"
+ count + "'>[正在上传...]</span></p>");
"<p>" + html2Escape(fname) + "<span id='uls_" + count
+ "'>[正在上传...]</span></p>");
xhr = new XMLHttpRequest();// 这东西类似于servlet里面的request

var fd = new FormData();// 用于封装文件数据的对象
Expand Down Expand Up @@ -1970,7 +1966,8 @@ function createViewList() {
for (var i = 0; i < pvl.pictureViewList.length; i++) {
$(images).append(
"<li><img src='" + pvl.pictureViewList[i].url + "' alt='"
+ pvl.pictureViewList[i].fileName + "' /></li>");
+ html2Escape(pvl.pictureViewList[i].fileName)
+ "' /></li>");
}
viewer = $(images);
viewer.viewer({
Expand All @@ -1997,11 +1994,13 @@ function createViewListByPage() {
for (var i = 0; i < viewerPageSize
&& i < (pvl.pictureViewList.length - (viewerPageIndex - 1)
* viewerPageSize); i++) {
$(images).append(
"<li><img src='" + pvl.pictureViewList[startIndex + i].url
+ "' alt='"
+ pvl.pictureViewList[startIndex + i].fileName
+ "' /></li>");
$(images)
.append(
"<li><img src='"
+ pvl.pictureViewList[startIndex + i].url
+ "' alt='"
+ html2Escape(pvl.pictureViewList[startIndex
+ i].fileName) + "' /></li>");
}
if (viewerPageIndex < viewerTotal) {
$(images).append("<li><img src='css/right.png' alt='下一页' /></li>");
Expand Down Expand Up @@ -3278,9 +3277,7 @@ function iteratorImport(i, newFolderName) {
$("#importcount").text("(" + (i + 1) + "/" + fcount + ")");// 显示当前进度
}
$("#importstatus").prepend(
"<p>"
+ fname.replace(/\'/g, '&#39;').replace(/</g, '&lt;')
.replace(/>/g, '&gt;') + "<span id='ils_" + i
"<p>" + html2Escape(fname) + "<span id='ils_" + i
+ "'>[正在上传...]</span></p>");
xhr = new XMLHttpRequest();// 这东西类似于servlet里面的request

Expand Down Expand Up @@ -3823,4 +3820,16 @@ function updateTheFolderInfo() {
// 替换所有引号,将其进一步转义,主要用于传递带引号的文件名
function replaceAllQuotationMarks(txt) {
return txt.replace(/\"/g, "\\\"");
}

// 对所有可能进入html的字符串进行转义操作
function html2Escape(sHtml) {
return sHtml.replace(/[<>&\']/g, function(c) {
return {
'<' : '&lt;',
'>' : '&gt;',
'&' : '&amp;',
'\'' : '&#39;'
}[c];
});
}
6 changes: 3 additions & 3 deletions webContext/js/home.min.js

Large diffs are not rendered by default.

6 changes: 3 additions & 3 deletions webContext/js/viewer.min.js

Large diffs are not rendered by default.

0 comments on commit 2a81d74

Please sign in to comment.