github/skywalking-booster-ui
3
0
Fork 1
mirror of https://github.com/apache/skywalking-booster-ui.git synced 2025-10-14 20:01:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: verify URL when viewing dashboards (#483)

Browse Source
This commit is contained in:
Fine0830
2025-07-17 18:03:41 +08:00
committed by GitHub
parent f472d551b6
commit 47cd6d22c0
3 changed files with 70 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/views/dashboard/controls/ThirdPartyApp.vue
View File

@@ -31,8 +31,8 @@ limitations under the License. -->
</div>
<div class="body">
<iframe
v-if="widget.url"
:src="widget.url"
v-if="widgetUrl.isValid"
:src="widgetUrl.sanitizedUrl"
width="100%"
height="100%"
scrolling="no"
@@ -40,7 +40,7 @@ limitations under the License. -->
sandbox="allow-scripts allow-same-origin"
referrerpolicy="no-referrer"
></iframe>
<div v-else class="tips">{{ t("iframeWidgetTip") }}</div>
<div v-else class="tips">{{ widgetUrl.error || t("iframeWidgetTip") }}</div>
</div>
</div>
</template>
@@ -49,6 +49,7 @@ limitations under the License. -->
import type { PropType } from "vue";
import { useI18n } from "vue-i18n";
import { useDashboardStore } from "@/store/modules/dashboard";
import { validateAndSanitizeUrl } from "@/utils/validateAndSanitizeUrl";
/*global defineProps */
const props = defineProps({
@@ -61,6 +62,7 @@ limitations under the License. -->
const { t } = useI18n();
const dashboardStore = useDashboardStore();
const widget = computed(() => props.data.widget || {});
const widgetUrl = computed(() => validateAndSanitizeUrl(widget.value.url || ""));
function removeTopo() {
dashboardStore.removeControls(props.data);