mirror of
https://github.com/jumpserver/jumpserver.git
synced 2025-12-21 11:33:03 +00:00
Compare commits
4 Commits
v3.10.21
...
rdp-patch-
| Author | SHA1 | Date | |
|---|---|---|---|
|
ab777aeb18 | ||
|
a497b3cf94 | ||
|
|
8548b73063 | ||
|
|
182320f492 |
@@ -66,6 +66,8 @@ class RDPFileClientProtocolURLMixin:
|
|||||||
'autoreconnection enabled:i': '1',
|
'autoreconnection enabled:i': '1',
|
||||||
'bookmarktype:i': '3',
|
'bookmarktype:i': '3',
|
||||||
'use redirection server name:i': '0',
|
'use redirection server name:i': '0',
|
||||||
|
'bitmapcachepersistenable:i': '0',
|
||||||
|
'bitmapcachesize:i': '1500',
|
||||||
}
|
}
|
||||||
# 设置多屏显示
|
# 设置多屏显示
|
||||||
multi_mon = is_true(self.request.query_params.get('multi_mon'))
|
multi_mon = is_true(self.request.query_params.get('multi_mon'))
|
||||||
|
|||||||
@@ -36,7 +36,7 @@ class MFAMiddleware:
|
|||||||
# 这个是 mfa 登录页需要的请求, 也得放出来, 用户其实已经在 CAS/OIDC 中完成登录了
|
# 这个是 mfa 登录页需要的请求, 也得放出来, 用户其实已经在 CAS/OIDC 中完成登录了
|
||||||
white_urls = [
|
white_urls = [
|
||||||
'login/mfa', 'mfa/select', 'jsi18n/', '/static/',
|
'login/mfa', 'mfa/select', 'jsi18n/', '/static/',
|
||||||
'/profile/otp', '/logout/',
|
'/profile/otp', '/logout/', '/media/'
|
||||||
]
|
]
|
||||||
for url in white_urls:
|
for url in white_urls:
|
||||||
if request.path.find(url) > -1:
|
if request.path.find(url) > -1:
|
||||||
|
|||||||
@@ -3,10 +3,10 @@
|
|||||||
import json
|
import json
|
||||||
import os
|
import os
|
||||||
import re
|
import re
|
||||||
import time
|
|
||||||
from urllib.parse import urlparse, quote
|
from urllib.parse import urlparse, quote
|
||||||
|
|
||||||
import pytz
|
import pytz
|
||||||
|
import time
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.core.exceptions import MiddlewareNotUsed
|
from django.core.exceptions import MiddlewareNotUsed
|
||||||
from django.http.response import HttpResponseForbidden
|
from django.http.response import HttpResponseForbidden
|
||||||
@@ -162,9 +162,16 @@ class SafeRedirectMiddleware:
|
|||||||
target_host = parsed.netloc
|
target_host = parsed.netloc
|
||||||
if target_host in [*settings.ALLOWED_HOSTS]:
|
if target_host in [*settings.ALLOWED_HOSTS]:
|
||||||
return response
|
return response
|
||||||
origin = f"{request.scheme}://{request.get_host()}"
|
target_host, target_port = self._split_host_port(parsed.netloc)
|
||||||
target_origin = f"{parsed.scheme}://{target_host}"
|
origin_host, origin_port = self._split_host_port(request.get_host())
|
||||||
if not target_origin.startswith(origin):
|
if target_host != origin_host:
|
||||||
safe_redirect_url = '%s?%s' % (reverse('redirect-confirm'), f'next={quote(location)}')
|
safe_redirect_url = '%s?%s' % (reverse('redirect-confirm'), f'next={quote(location)}')
|
||||||
return redirect(safe_redirect_url)
|
return redirect(safe_redirect_url)
|
||||||
return response
|
return response
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def _split_host_port(netloc):
|
||||||
|
if ':' in netloc:
|
||||||
|
host, port = netloc.split(':', 1)
|
||||||
|
return host, port
|
||||||
|
return netloc, '80'
|
||||||
|
|||||||
@@ -147,7 +147,7 @@ mistune = "2.0.3"
|
|||||||
openai = "^1.29.0"
|
openai = "^1.29.0"
|
||||||
xlsxwriter = "^3.1.9"
|
xlsxwriter = "^3.1.9"
|
||||||
exchangelib = "^5.1.0"
|
exchangelib = "^5.1.0"
|
||||||
xmlsec = "1.3.13"
|
xmlsec = "1.3.14"
|
||||||
lxml = "5.2.1"
|
lxml = "5.2.1"
|
||||||
receptorctl = "^1.4.5"
|
receptorctl = "^1.4.5"
|
||||||
pydantic = "^2.7.4"
|
pydantic = "^2.7.4"
|
||||||
|
|||||||
Reference in New Issue
Block a user