Open
Conversation
klboke
reviewed
Apr 15, 2026
| }); | ||
| throw ex; | ||
| }; | ||
| var validateFileURL = function (file) { |
Contributor
There was a problem hiding this comment.
这里把 pdf.js 的同源校验整体去掉了,但 kkFileView 自己其实已经有跨域代理路径:pdf.ftl 会把非本地 URL 改写到 /getCorsFile,后端入口在 OnlinePreviewController#getCorsFile。也就是说这次需求更像是修 kkFileView 的预览入口,而不是全局放开 vendored viewer.html 的跨域限制。现在这个改法会扩大直接访问 /pdfjs/web/viewer.html 时的行为面,而且后续同步 pdf.js 版本也更难维护。
Contributor
Author
There was a problem hiding this comment.
这块是为了配合 ${kkagent} 如果接入服务器支持了 跨域功能 就跳过KK反代
klboke
reviewed
Apr 15, 2026
| viewerUrl += "&disabledownload=${pdfDownloadDisable}"; | ||
| viewerUrl += "&disablebookmark=${pdfBookmarkDisable}"; | ||
| viewerUrl += "&disableediting=${pdfDisableEditing}"; | ||
| viewerUrl += "&pdfhighlightall=${highlightall}"; |
Contributor
There was a problem hiding this comment.
这里把 highlightall / watermarkTxt 直接拼进 query string,没有做 encodeURIComponent。这两个值来自请求参数,当前上游只做了 HTML escape;一旦用户传入 &、#、= 之类字符,viewer URL 就会被截断或解析错位,page/pagemode 这类后续参数也会受到影响。这个路径要么逐项 URL 编码,要么统一用参数对象构造查询串。
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.