diff --git a/server/src/main/java/cn/keking/service/FileHandlerService.java b/server/src/main/java/cn/keking/service/FileHandlerService.java index d18af3ba5..94f5823c7 100644 --- a/server/src/main/java/cn/keking/service/FileHandlerService.java +++ b/server/src/main/java/cn/keking/service/FileHandlerService.java @@ -437,11 +437,7 @@ public FileAttribute getFileAttribute(String url, HttpServletRequest req) { type = FileType.typeFromFileName(fullFileName); suffix = KkFileUtils.suffixFromFileName(fullFileName); // 移除fullfilename参数 - if (url.indexOf("fullfilename=" + fullFileName + "&") > 0) { - url = url.replace("fullfilename=" + fullFileName + "&", ""); - } else { - url = url.replace("fullfilename=" + fullFileName, ""); - } + url = WebUtils.clearFullfilenameParam(url); } else { originFileName = WebUtils.getFileNameFromURL(url); type = FileType.typeFromUrl(url); @@ -460,13 +456,14 @@ public FileAttribute getFileAttribute(String url, HttpServletRequest req) { e.printStackTrace(); } } - url = WebUtils.encodeUrlFileName(url); if (UrlEncoderUtils.hasUrlEncoded(originFileName)) { //判断文件名是否转义 try { - originFileName = URLDecoder.decode(originFileName, uriEncoding).replaceAll("\\+", "%20"); + originFileName = URLDecoder.decode(originFileName, uriEncoding); //转义的文件名 解下出原始文件名 } catch (UnsupportedEncodingException e) { e.printStackTrace(); } + }else { + url = WebUtils.encodeUrlFileName(url); //对未转义的url进行转义 } originFileName = KkFileUtils.htmlEscape(originFileName); //文件名处理 boolean isHtmlView = suffix.equalsIgnoreCase("xls") || suffix.equalsIgnoreCase("xlsx") || suffix.equalsIgnoreCase("csv") || suffix.equalsIgnoreCase("xlsm") || suffix.equalsIgnoreCase("xlt") || suffix.equalsIgnoreCase("xltm") || suffix.equalsIgnoreCase("et") || suffix.equalsIgnoreCase("ett") || suffix.equalsIgnoreCase("xlam"); diff --git a/server/src/main/java/cn/keking/service/impl/CadFilePreviewImpl.java b/server/src/main/java/cn/keking/service/impl/CadFilePreviewImpl.java index f2fe1c7a2..e5f30141c 100644 --- a/server/src/main/java/cn/keking/service/impl/CadFilePreviewImpl.java +++ b/server/src/main/java/cn/keking/service/impl/CadFilePreviewImpl.java @@ -7,10 +7,10 @@ import cn.keking.service.FilePreview; import cn.keking.utils.DownloadUtils; import cn.keking.utils.KkFileUtils; +import cn.keking.utils.WebUtils; import cn.keking.web.filter.BaseUrlFilter; import org.springframework.stereotype.Service; import org.springframework.ui.Model; -import org.springframework.util.ObjectUtils; import org.springframework.util.StringUtils; import static cn.keking.service.impl.OfficeFilePreviewImpl.getPreviewType; @@ -70,6 +70,7 @@ public String filePreviewHandle(String url, Model model, FileAttribute fileAttri } } } + cacheName= WebUtils.encodeFileName(cacheName); if ("tif".equalsIgnoreCase(cadPreviewType)) { model.addAttribute("currentUrl", cacheName); return TIFF_FILE_PREVIEW_PAGE; diff --git a/server/src/main/java/cn/keking/service/impl/OfficeFilePreviewImpl.java b/server/src/main/java/cn/keking/service/impl/OfficeFilePreviewImpl.java index 8ba283466..f2e66e71d 100644 --- a/server/src/main/java/cn/keking/service/impl/OfficeFilePreviewImpl.java +++ b/server/src/main/java/cn/keking/service/impl/OfficeFilePreviewImpl.java @@ -9,13 +9,13 @@ import cn.keking.utils.DownloadUtils; import cn.keking.utils.KkFileUtils; import cn.keking.utils.OfficeUtils; +import cn.keking.utils.WebUtils; import cn.keking.web.filter.BaseUrlFilter; import org.apache.commons.lang3.exception.ExceptionUtils; import org.apache.poi.EncryptedDocumentException; import org.jodconverter.core.office.OfficeException; import org.springframework.stereotype.Service; import org.springframework.ui.Model; -import org.springframework.util.ObjectUtils; import org.springframework.util.StringUtils; import java.io.IOException; @@ -111,7 +111,7 @@ public String filePreviewHandle(String url, Model model, FileAttribute fileAttri if (!isHtmlView && baseUrl != null && (OFFICE_PREVIEW_TYPE_IMAGE.equals(officePreviewType) || OFFICE_PREVIEW_TYPE_ALL_IMAGES.equals(officePreviewType))) { return getPreviewType(model, fileAttribute, officePreviewType, cacheName, outFilePath, fileHandlerService, OFFICE_PREVIEW_TYPE_IMAGE, otherFilePreview); } - model.addAttribute("pdfUrl", cacheName); + model.addAttribute("pdfUrl", WebUtils.encodeFileName(cacheName)); //输出转义文件名 方便url识别 return isHtmlView ? EXEL_FILE_PREVIEW_PAGE : PDF_FILE_PREVIEW_PAGE; } diff --git a/server/src/main/java/cn/keking/service/impl/PdfFilePreviewImpl.java b/server/src/main/java/cn/keking/service/impl/PdfFilePreviewImpl.java index 925820cbf..9640c13b1 100644 --- a/server/src/main/java/cn/keking/service/impl/PdfFilePreviewImpl.java +++ b/server/src/main/java/cn/keking/service/impl/PdfFilePreviewImpl.java @@ -3,16 +3,16 @@ import cn.keking.config.ConfigConstants; import cn.keking.model.FileAttribute; import cn.keking.model.ReturnResponse; +import cn.keking.service.FileHandlerService; import cn.keking.service.FilePreview; import cn.keking.utils.DownloadUtils; -import cn.keking.service.FileHandlerService; +import cn.keking.utils.WebUtils; import org.apache.commons.lang3.exception.ExceptionUtils; import org.apache.poi.EncryptedDocumentException; import org.springframework.stereotype.Service; import org.springframework.ui.Model; import java.io.IOException; -import java.net.URLEncoder; import java.util.List; /** @@ -88,7 +88,7 @@ public String filePreviewHandle(String url, Model model, FileAttribute fileAttri fileHandlerService.addConvertedFile(pdfName, fileHandlerService.getRelativePath(outFilePath)); } } else { - model.addAttribute("pdfUrl", pdfName); + model.addAttribute("pdfUrl", WebUtils.encodeFileName(pdfName)); } } else { model.addAttribute("pdfUrl", url); diff --git a/server/src/main/java/cn/keking/service/impl/TiffFilePreviewImpl.java b/server/src/main/java/cn/keking/service/impl/TiffFilePreviewImpl.java index f04d93792..489cbf354 100644 --- a/server/src/main/java/cn/keking/service/impl/TiffFilePreviewImpl.java +++ b/server/src/main/java/cn/keking/service/impl/TiffFilePreviewImpl.java @@ -8,11 +8,10 @@ import cn.keking.utils.ConvertPicUtil; import cn.keking.utils.DownloadUtils; import cn.keking.utils.KkFileUtils; +import cn.keking.utils.WebUtils; import org.springframework.stereotype.Service; import org.springframework.ui.Model; -import org.springframework.util.ObjectUtils; -import java.io.IOException; import java.util.List; /** @@ -64,7 +63,7 @@ public String filePreviewHandle(String url, Model model, FileAttribute fileAttri // 加入缓存 fileHandlerService.addConvertedFile(cacheName, fileHandlerService.getRelativePath(outFilePath)); } - model.addAttribute("pdfUrl", cacheName); + model.addAttribute("pdfUrl", WebUtils.encodeFileName(cacheName)); return PDF_FILE_PREVIEW_PAGE; }else { // 将tif转换为jpg,返回转换后的文件路径、文件名的list @@ -95,7 +94,7 @@ public String filePreviewHandle(String url, Model model, FileAttribute fileAttri } } if ("pdf".equalsIgnoreCase(tifPreviewType)) { - model.addAttribute("pdfUrl", fileHandlerService.listConvertedFiles().get(cacheName)); + model.addAttribute("pdfUrl", WebUtils.encodeFileName(cacheName)); return PDF_FILE_PREVIEW_PAGE; } else if ("jpg".equalsIgnoreCase(tifPreviewType)) { @@ -117,7 +116,7 @@ else if ("jpg".equalsIgnoreCase(tifPreviewType)) { fileHandlerService.addConvertedFile(fileName, fileHandlerService.getRelativePath(outFilePath)); } } else { - model.addAttribute("currentUrl", fileName); + model.addAttribute("currentUrl", WebUtils.encodeFileName(fileName)); } return TIFF_FILE_PREVIEW_PAGE; } diff --git a/server/src/main/java/cn/keking/utils/DownloadUtils.java b/server/src/main/java/cn/keking/utils/DownloadUtils.java index 1929abbbe..91a0fae45 100644 --- a/server/src/main/java/cn/keking/utils/DownloadUtils.java +++ b/server/src/main/java/cn/keking/utils/DownloadUtils.java @@ -105,8 +105,7 @@ public static ReturnResponse downLoad(FileAttribute fileAttribute, Strin } }; try { - URI uri = URI.create(urlStr); - restTemplate.execute(uri, HttpMethod.GET, requestCallback, fileResponse -> { + restTemplate.execute(url.toURI(), HttpMethod.GET, requestCallback, fileResponse -> { FileUtils.copyToFile(fileResponse.getBody(), realFile); return null; }); diff --git a/server/src/main/java/cn/keking/utils/WebUtils.java b/server/src/main/java/cn/keking/utils/WebUtils.java index 347a81f01..3cb01d9fb 100644 --- a/server/src/main/java/cn/keking/utils/WebUtils.java +++ b/server/src/main/java/cn/keking/utils/WebUtils.java @@ -5,6 +5,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.util.Base64Utils; +import org.springframework.util.ObjectUtils; import org.springframework.web.multipart.MultipartFile; import org.springframework.web.util.HtmlUtils; @@ -40,6 +41,52 @@ public static URL normalizedURL(String urlStr) throws GalimatiasParseException, return io.mola.galimatias.URL.parse(urlStr).toJavaURL(); } + + /** + * 对文件名进行编码 + * + */ + public static String encodeFileName(String name) { + try { + name = URLEncoder.encode(name, "UTF-8").replaceAll("\\+", "%20"); + } catch (UnsupportedEncodingException e) { + return null; + } + return name; + } + + + /** + * 去除fullfilename参数 + * + * @param urlStr + * @return + */ + public static String clearFullfilenameParam(String urlStr) { + // 去除特定参数字段 + Pattern pattern = Pattern.compile("(&fullfilename=[^&]*)"); + Matcher matcher = pattern.matcher(urlStr); + return matcher.replaceAll(""); + } + + /** + * 对URL进行编码 + */ + public static String urlEncoderencode(String urlStr) { + + String fullFileName = getUrlParameterReg(urlStr, "fullfilename"); //获取文件名 + if (!ObjectUtils.isEmpty(fullFileName)) { //判断是否启用了 流接入方法 + urlStr = clearFullfilenameParam(urlStr); //去掉流接入 拼接命令 + } + try { + urlStr = URLEncoder.encode(urlStr, "UTF-8").replaceAll("\\+", "%20"); + urlStr = urlStr.replaceAll("%3A", ":").replaceAll("%2F", "/").replaceAll("%3F", "?").replaceAll("%26", "&"); + } catch (UnsupportedEncodingException e) { + e.printStackTrace(); + } + return urlStr; + } + /** * 获取url中的参数 * diff --git a/server/src/main/java/cn/keking/web/controller/OnlinePreviewController.java b/server/src/main/java/cn/keking/web/controller/OnlinePreviewController.java index 1c3bf110a..809aeaefb 100644 --- a/server/src/main/java/cn/keking/web/controller/OnlinePreviewController.java +++ b/server/src/main/java/cn/keking/web/controller/OnlinePreviewController.java @@ -64,11 +64,11 @@ public String onlinePreview(String url, Model model, HttpServletRequest req) { String errorMsg = String.format(BASE64_DECODE_ERROR_MSG, "url"); return otherFilePreview.notSupportedFile(model, errorMsg); } - FileAttribute fileAttribute = fileHandlerService.getFileAttribute(fileUrl, req); + FileAttribute fileAttribute = fileHandlerService.getFileAttribute(fileUrl, req); //这里不在进行URL 处理了 model.addAttribute("file", fileAttribute); FilePreview filePreview = previewFactory.get(fileAttribute); logger.info("预览文件url:{},previewType:{}", fileUrl, fileAttribute.getType()); - return filePreview.filePreviewHandle(fileUrl, model, fileAttribute); + return filePreview.filePreviewHandle(WebUtils.urlEncoderencode(fileUrl), model, fileAttribute); //统一在这里处理 url } @GetMapping( "/picturesPreview")