Merge branch 'v2.0.x' into v2.1.x

5e0fa998 · Medicean · 7fa790d5 · cea2919f · 5e0fa998 · 5e0fa998
Commit 5e0fa998 authored Apr 13, 2019 by Medicean
10 changed files
--- a/source/language/en.js
+++ b/source/language/en.js
@@ -84,8 +84,8 @@ module.exports = {
      del: {
        title: 'Delete category',
        confirm: 'Are you sure to delete this category?',
-        success: (category) => antSword.noxss(`Delete category(${category}) success!`),
+        success: (category) => `Delete category(${category}) success!`,
-        error: (category, err) => antSword.noxss(`Delete category(${category}failed!\n${err}`)
+        error: (category, err) => `Delete category(${category}failed!\n${err}`
      },
      rename: {
        title: 'Rename category',
@@ -125,7 +125,7 @@ module.exports = {
        test_warning: 'Response is null!',
        warning: 'Please enter the full!',
        success: 'Add shell success!',
-        error: (err) => antSword.noxss(`Add shell failed!\n${err}`)
+        error: (err) => `Add shell failed!\n${err}`
      },
      edit: {
        title: (url) => antSword.noxss(`Edit shell(${url})`),
@@ -143,29 +143,29 @@ module.exports = {
        },
        warning: 'Please enter the full!',
        success: 'Update shell success!',
-        error: (err) => antSword.noxss(`Update shell failed!\n${err}`)
+        error: (err) => `Update shell failed!\n${err}`
      },
      del: {
        title: 'Delete shell',
        confirm: (len) => antSword.noxss(`Are you sure to delete ${len} shells?`),
-        success: (len) => antSword.noxss(`Delete ${len} shells success!`),
+        success: (len) => `Delete ${len} shells success!`,
-        error: (err) => antSword.noxss(`Delete failed!\n${err}`)
+        error: (err) => `Delete failed!\n${err}`
      },
      move: {
-        success: (num) => antSword.noxss(`Move ${num}datas success!`),
+        success: (num) => `Move ${num}datas success!`,
-        error: (err) => antSword.noxss(`Move data failed!\n${err}`)
+        error: (err) => `Move data failed!\n${err}`
      },
      clearCache: {
        title: 'Clear cache',
        confirm: 'Are you sure to clear this cache?',
        success: 'Clear cache success!',
-        error: (err) => antSword.noxss(`Clear cache failed!\n${err}`)
+        error: (err) => `Clear cache failed!\n${err}`
      },
      clearAllCache: {
        title: 'Clear all cache',
        confirm: 'Are you sure to clear all the cache?',
        success: 'Clear all cache success!',
-        error: (err) => antSword.noxss(`Clear all cache failed!\n${err}`)
+        error: (err) => `Clear all cache failed!\n${err}`
      },
      accordion: {
        base: 'Base',
@@ -236,40 +236,40 @@ Hot Keys:
    delete: {
      title: 'Delete',
      confirm: (num) => antSword.noxss(`Are you sure to delete ${typeof(num) === 'number' ? num + ' files' : num} ?`),
-      success: (path) => antSword.noxss(`Delete file [${path}] success!`),
+      success: (path) => `Delete file [${path}] success!`,
-      error: (path, err) => antSword.noxss(`Delete file [${path}] failed!${err ? '\n' + err : ''}`)
+      error: (path, err) => `Delete file [${path}] failed!${err ? '\n' + err : ''}`
    },
    paste: {
-      success: (path) => antSword.noxss(`Paste file success!\n${path}`),
+      success: (path) => `Paste file success!\n${path}`,
-      error: (path, err) => antSword.noxss(`Paste file [${path}] failed!${err ? '\n' + err : ''}`)
+      error: (path, err) => `Paste file [${path}] failed!${err ? '\n' + err : ''}`
    },
    rename: {
      title: 'Rename',
      success: 'Rename success!',
-      error: (err) => antSword.noxss(`Rename failed!${err ? '\n' + err : ''}`)
+      error: (err) => `Rename failed!${err ? '\n' + err : ''}`
    },
    createFolder: {
      title: 'Create Folder',
      value: 'New Folder',
-      success: (path) => antSword.noxss(`Create folder success!\n${path}`),
+      success: (path) => `Create folder success!\n${path}`,
-      error: (path, err) => antSword.noxss(`Create folder [${path}] failed!${err ? '\n' + err : ''}`)
+      error: (path, err) => `Create folder [${path}] failed!${err ? '\n' + err : ''}`
    },
    createFile: {
      title: 'Create File',
      value: 'New File.txt',
-      success: (path) => antSword.noxss(`Create file success!\n${path}`),
+      success: (path) => `Create file success!\n${path}`,
-      error: (path, err) => antSword.noxss(`Create file [${path}] failed!${err ? '\n' + err : ''}`)
+      error: (path, err) => `Create file [${path}] failed!${err ? '\n' + err : ''}`
    },
    retime: {
      title: 'Retime File',
-      success: (path) => antSword.noxss(`Retime file success!\n${path}`),
+      success: (path) => `Retime file success!\n${path}`,
-      error: (path, err) => antSword.noxss(`Retime file [${path}] failed!${err ? '\n' + err : ''}`)
+      error: (path, err) => `Retime file [${path}] failed!${err ? '\n' + err : ''}`
    },
    chmod: {
      title: 'Chmod File',
      check: 'Input should be octal numbers, eg: 0644',
-      success: (path) => antSword.noxss(`Chmod file success!\n${path}`),
+      success: (path) => `Chmod file success!\n${path}`,
-      error: (path, err) => antSword.noxss(`Chmod file [${path}] failed!${err ? '\n' + err : ''}`)
+      error: (path, err) => `Chmod file [${path}] failed!${err ? '\n' + err : ''}`
    },
    wget: {
      title: 'Wget File',
@@ -278,8 +278,8 @@ Hot Keys:
        name: 'WGET',
        start: 'Start to wget file..',
        success: 'Wget success!',
-        failed: (ret) => antSword.noxss(`Failed:${ret}`),
+        failed: (ret) => `Failed:${ret}`,
-        error: (err) => antSword.noxss(`Error:${err}`)
+        error: (err) => `Error:${err}`
      }
    },
    upload: {
@@ -289,11 +289,11 @@ Hot Keys:
        httperr_413: 'Please lower the upload file shard size setting.',
        httperr_etime: 'Request timeout, please increase the timeout period.',
        httperr_econnrefused: 'Connection refused, check target or proxy is enabled.',
-        failed: (err) => antSword.noxss(`Failed:${err}`),
+        failed: (err) => `Failed:${err}`,
-        error: (err) => antSword.noxss(`Error:${err}`)
+        error: (err) => `Error:${err}`
      },
-      success: (path) => antSword.noxss(`Upload file success!\n${path}`),
+      success: (path) => `Upload file success!\n${path}`,
-      error: (path, err) => antSword.noxss(`Upload file [${path}] failed!${err}`),
+      error: (path, err) => `Upload file [${path}] failed!${err}`,
    },
    folder: {
      title: 'Folders'
@@ -320,7 +320,7 @@ Hot Keys:
      prompt: {
        add: {
          title: 'Add to bookmark',
-          success: (path) => antSword.noxss(`Add to bookmark success!\n${path}`),
+          success: (path) => `Add to bookmark success!\n${path}`,
        },
        remove: {
          title: 'Remove bookmark',
@@ -369,8 +369,8 @@ Hot Keys:
            copypath: 'Copy FilePath',
            copysuccess: 'Copy to clipboard successfully!',
            copyfail: 'Copy to clipboard failed!',
-            warning: (id) => antSword.noxss(`Already add to clipboard!\n${id}`),
+            warning: (id) => `Already add to clipboard!\n${id}`,
-            info: (id) => antSword.noxss(`Add file to the clipboard.\n${id}`)
+            info: (id) => `Add file to the clipboard.\n${id}`
          },
          create: {
            title: 'Create',
@@ -388,9 +388,9 @@ Hot Keys:
        mode: 'Mode',
        encode: 'Open with Encoding'
      },
-      loadErr: (err) => antSword.noxss(`Load file error!\n${err}`),
+      loadErr: (err) => `Load file error!\n${err}`,
-      success: (path) => antSword.noxss(`Save the file success!\n${path}`),
+      success: (path) => `Save the file success!\n${path}`,
-      error: (path, err) => antSword.noxss(`Save the file [${path}] failed!${err}`)
+      error: (path, err) => `Save the file [${path}] failed!${err}`
    },
    tasks: {
      title: 'Tasks',
@@ -412,10 +412,10 @@ Hot Keys:
        cancel: 'Cancel download',
        start: 'Start to download',
        success: 'Download success!',
-        error: (err) => antSword.noxss(`Error:${err}`)
+        error: (err) => `Error:${err}`
      },
-      error: (name, err) => antSword.noxss(`Download file [${name}]error!\n${err}`),
+      error: (name, err) => `Download file [${name}]error!\n${err}`,
-      success: (name) => antSword.noxss(`Download file [${name}] success!`)
+      success: (name) => `Download file [${name}] success!`
    }
  },
  database: {
@@ -451,10 +451,10 @@ Hot Keys:
      title: 'Result',
      warning: 'Execution is completed, but no results return!',
      error: {
-        database: (err) => antSword.noxss(`Failed to obtain a list of databases!\n${err}`),
+        database: (err) => `Failed to obtain a list of databases!\n${err}`,
-        table: (err) => antSword.noxss(`Get table data failed!\n${err}`),
+        table: (err) => `Get table data failed!\n${err}`,
-        column: (err) => antSword.noxss(`Failed to obtain field list!\n${err}`),
+        column: (err) => `Failed to obtain field list!\n${err}`,
-        query: (err) => antSword.noxss(`Failure to execute SQL!\n${err}`),
+        query: (err) => `Failure to execute SQL!\n${err}`,
        parse: 'Return data format is incorrect!',
        noresult: 'No query results!'
      },
@@ -486,7 +486,7 @@ Hot Keys:
        title: 'Delete configuration',
        confirm: 'Determine delete this configuration?',
        success: 'Delete configuration success!',
-        error: (err) => antSword.noxss(`Delete configuration failed!\n${err}`)
+        error: (err) => `Delete configuration failed!\n${err}`
      },
      adddb: {
        title: 'New Database',
@@ -772,7 +772,7 @@ Hot Keys:
    }
  },
  plugin: {
-    error: (err) => antSword.noxss(`Load Plugin Store failed!\n${err}`)
+    error: (err) => `Load Plugin Store failed!\n${err}`
  },
  update: {
    title: 'Found updates',

--- a/source/language/zh.js
+++ b/source/language/zh.js
--- a/source/language/zh_hk.js
+++ b/source/language/zh_hk.js
--- a/source/language/zh_tw.js
+++ b/source/language/zh_tw.js
--- a/source/modules/database/asp/index.js
+++ b/source/modules/database/asp/index.js
@@ -451,7 +451,7 @@ class ASP {
        this.tree.insertNewItem(
          `conn::${id}`,
          `database::${id}:${_db}`,
-          _, null,
+          antSword.noxss(_), null,
          this.manager.list.imgs[1],
          this.manager.list.imgs[1],
          this.manager.list.imgs[1]);
@@ -494,7 +494,7 @@ class ASP {
        this.tree.insertNewItem(
          `database::${id}:${_db}`,
          `table::${id}:${_db}:${_table}`,
-          _,
+          antSword.noxss(_),
          null,
          this.manager.list.imgs[2],
          this.manager.list.imgs[2],
@@ -553,11 +553,11 @@ class ASP {
      // 添加子节点
      arr.map((_) => {
        if (!_) { return };
-        const _column = Buffer.from(_.split(' ')[0]).toString('base64');
+        const _column = Buffer.from(_.substr(_, _.lastIndexOf(' '))).toString('base64');
        this.tree.insertNewItem(
          `table::${id}:${_db}:${_table}`,
          `column::${id}:${_db}:${_table}:${_column}`,
-          _, null,
+          antSword.noxss(_), null,
          this.manager.list.imgs[3],
          this.manager.list.imgs[3],
          this.manager.list.imgs[3]
@@ -622,7 +622,7 @@ class ASP {
      return toastr.error(LANG['result']['error']['parse'], LANG_T['error']);
    };
    // 3.行头
-    let header_arr = arr[0].split('\t|\t');
+    let header_arr = antSword.noxss(arr[0]).split('\t|\t');
    if (header_arr.length === 1) {
      return toastr.warning(LANG['result']['error']['noresult'], LANG_T['warning']);
    };

--- a/source/modules/database/custom/index.js
+++ b/source/modules/database/custom/index.js
@@ -433,7 +433,7 @@ class CUSTOM {
        this.tree.insertNewItem(
          `conn::${id}`,
          `database::${id}:${_db}`,
-          _, null,
+          antSword.noxss(_), null,
          this.manager.list.imgs[1],
          this.manager.list.imgs[1],
          this.manager.list.imgs[1]);
@@ -474,7 +474,7 @@ class CUSTOM {
        this.tree.insertNewItem(
          `database::${id}:${_db}`,
          `table::${id}:${_db}:${_table}`,
-          _,
+          antSword.noxss(_),
          null,
          this.manager.list.imgs[2],
          this.manager.list.imgs[2],
@@ -515,11 +515,11 @@ class CUSTOM {
      // 添加子节点
      arr.map((_) => {
        if (!_) { return };
-        const _column = Buffer.from(_.split(' ')[0]).toString('base64');
+        const _column = Buffer.from(_.substr(_, _.lastIndexOf(' '))).toString('base64');
        this.tree.insertNewItem(
          `table::${id}:${_db}:${_table}`,
          `column::${id}:${_db}:${_table}:${_column}`,
-          _, null,
+          antSword.noxss(_), null,
          this.manager.list.imgs[3],
          this.manager.list.imgs[3],
          this.manager.list.imgs[3]
@@ -572,7 +572,7 @@ class CUSTOM {
      return toastr.error(LANG['result']['error']['parse'], LANG_T['error']);
    };
    // 3.行头
-    let header_arr = arr[0].split('\t|\t');
+    let header_arr = antSword.noxss(arr[0]).split('\t|\t');
    if (header_arr.length === 1) {
      return toastr.warning(LANG['result']['error']['noresult'], LANG_T['warning']);
    };

--- a/source/modules/database/php/index.js
+++ b/source/modules/database/php/index.js
@@ -1385,7 +1385,7 @@ class PHP {
        this.tree.insertNewItem(
          `conn::${id}`,
          `database::${id}:${_db}`,
-          _, null,
+          antSword.noxss(_), null,
          this.manager.list.imgs[1],
          this.manager.list.imgs[1],
          this.manager.list.imgs[1]);
@@ -1429,7 +1429,7 @@ class PHP {
        this.tree.insertNewItem(
          `database::${id}:${_db}`,
          `table::${id}:${_db}:${_table}`,
-          _,
+          antSword.noxss(_),
          null,
          this.manager.list.imgs[2],
          this.manager.list.imgs[2],
@@ -1473,11 +1473,11 @@ class PHP {
      // 添加子节点
      arr.map((_) => {
        if (!_) { return };
-        const _column = Buffer.from(_.split(' ')[0]).toString('base64');
+        const _column = Buffer.from(_.substr(_, _.lastIndexOf(' '))).toString('base64');
        this.tree.insertNewItem(
          `table::${id}:${_db}:${_table}`,
          `column::${id}:${_db}:${_table}:${_column}`,
-          _, null,
+          antSword.noxss(_), null,
          this.manager.list.imgs[3],
          this.manager.list.imgs[3],
          this.manager.list.imgs[3]
@@ -1560,7 +1560,7 @@ class PHP {
      return toastr.error(LANG['result']['error']['parse'], LANG_T['error']);
    };
    // 3.行头
-    let header_arr = arr[0].split('\t|\t');
+    let header_arr = antSword.noxss(arr[0]).split('\t|\t');
    if (header_arr.length === 1) {
      return toastr.warning(LANG['result']['error']['noresult'], LANG_T['warning']);
    };
@@ -1621,7 +1621,7 @@ class PHP {
      return toastr.error(LANG['result']['error']['parse'], LANG_T['error']);
    };
    // 3.行头
-    let header_arr = arr[0].split('\t|\t');
+    let header_arr = antSword.noxss(arr[0]).split('\t|\t');
    if (header_arr.length === 1) {
      return toastr.warning(LANG['result']['error']['noresult'], LANG_T['warning']);
    };

--- a/source/modules/filemanager/index.js
+++ b/source/modules/filemanager/index.js
@@ -286,7 +286,7 @@ class FileManager {
    let self = this;
    layer.confirm(
-      LANG['delete']['confirm'](files.length > 1 ? files.length : antSword.noxss(files[0])),
+      LANG['delete']['confirm'](files.length > 1 ? files.length : files[0]),
      {
        icon: 2,
        shift: 6,
@@ -813,7 +813,7 @@ class FileManager {
    let hinttext = '';
    if (openfileintab == false){
      win = this.createWin({
-        title: LANG['editor']['title'](path),
+        title: LANG['editor']['title'](antSword.noxss(path)),
        width: 800
      });
      win.maximize();  

--- a/source/ui/tabbar.js
+++ b/source/ui/tabbar.js
@@ -47,7 +47,7 @@ class Tabbar {
   * @return {Object}           this
   */
  setTitle(title = 'New Title') {
-    this.cell.setText(`<i class="fa fa-puzzle-piece"></i> ${title}`);
+    this.cell.setText(`<i class="fa fa-puzzle-piece"></i> ${antSword.noxss(title)}`);
    return this;
  }
@@ -57,10 +57,12 @@ class Tabbar {
   * @param  {String} html = "" [description]
   * @return {Object}           this
   */
-  safeHTML(html = "") {
+  safeHTML(html = "", sandbox = "") {
    let _html = Buffer.from(html).toString('base64');
+    // https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe#attr-sandbox
    let _iframe = `
      <iframe
+        sandbox="${sandbox}"
        src="data:text/html;base64,${_html}"
        style="width:100%;height:100%;border:0;padding:0;margin:0;">
      </iframe>

--- a/source/ui/window.js
+++ b/source/ui/window.js
@@ -34,7 +34,7 @@ class Window {
      id, 0, 0,
      opt['width'], opt['height']
    );
-    win.setText(opt['title']);
+    win.setText(antSword.noxss(opt['title']));
    win.centerOnScreen();
    win.button('minmax').show();
    win.button('minmax').enable();
@@ -55,7 +55,7 @@ class Window {
   * @param {String} title = 'New Title' 新标题
   */
  setTitle(title = 'New Title') {
-    this.win.setText(title);
+    this.win.setText(antSword.noxss(title));
  }
 }