xinyin025/geekai
1
0
Fork 0
mirror of https://github.com/yangjian102621/geekai.git synced 2025-09-18 01:06:39 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: fixed bug for prompt code format, prevent xss attacks

Browse Source
This commit is contained in:
RockYang 2023-12-07 14:02:13 +08:00
parent e841a61bf0
commit a6025e6fab
6 changed files with 14 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
api/handler/chatimpl/azure_handler.go
View File

@ -10,6 +10,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"gorm.io/gorm" "gorm.io/gorm"
"html/template"
"io" "io"
"strings" "strings"
"time" "time"
@ -200,7 +201,7 @@ func (h *ChatHandler) sendAzureMessage(
RoleId: role.Id, RoleId: role.Id,
Type: types.PromptMsg, Type: types.PromptMsg,
Icon: userVo.Avatar, Icon: userVo.Avatar,
Content: prompt, Content: template.HTMLEscapeString(prompt),
Tokens: promptToken, Tokens: promptToken,
UseContext: useContext, UseContext: useContext,
} }

3
api/handler/chatimpl/baidu_handler.go
View File

@ -9,6 +9,7 @@ import (
"context" "context"
"encoding/json" "encoding/json"
"fmt" "fmt"
"html/template"
"io" "io"
"net/http" "net/http"
"strings" "strings"
@ -156,7 +157,7 @@ func (h *ChatHandler) sendBaiduMessage(
RoleId: role.Id, RoleId: role.Id,
Type: types.PromptMsg, Type: types.PromptMsg,
Icon: userVo.Avatar, Icon: userVo.Avatar,
Content: prompt, Content: template.HTMLEscapeString(prompt),
Tokens: promptToken, Tokens: promptToken,
UseContext: true, UseContext: true,
} }

3
api/handler/chatimpl/chatglm_handler.go
View File

@ -10,6 +10,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"github.com/golang-jwt/jwt/v5" "github.com/golang-jwt/jwt/v5"
"html/template"
"io" "io"
"strings" "strings"
"time" "time"
@ -135,7 +136,7 @@ func (h *ChatHandler) sendChatGLMMessage(
RoleId: role.Id, RoleId: role.Id,
Type: types.PromptMsg, Type: types.PromptMsg,
Icon: userVo.Avatar, Icon: userVo.Avatar,
Content: prompt, Content: template.HTMLEscapeString(prompt),
Tokens: promptToken, Tokens: promptToken,
UseContext: true, UseContext: true,
} }

3
api/handler/chatimpl/openai_handler.go
View File

@ -10,6 +10,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"gorm.io/gorm" "gorm.io/gorm"
"html/template"
"io" "io"
"strings" "strings"
"time" "time"
@ -199,7 +200,7 @@ func (h *ChatHandler) sendOpenAiMessage(
RoleId: role.Id, RoleId: role.Id,
Type: types.PromptMsg, Type: types.PromptMsg,
Icon: userVo.Avatar, Icon: userVo.Avatar,
Content: prompt, Content: template.HTMLEscapeString(prompt),
Tokens: promptToken, Tokens: promptToken,
UseContext: useContext, UseContext: useContext,
} }

3
api/handler/chatimpl/xunfei_handler.go
View File

@ -12,6 +12,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"github.com/gorilla/websocket" "github.com/gorilla/websocket"
"html/template"
"io" "io"
"net/http" "net/http"
"net/url" "net/url"
@ -198,7 +199,7 @@ func (h *ChatHandler) sendXunFeiMessage(
RoleId: role.Id, RoleId: role.Id,
Type: types.PromptMsg, Type: types.PromptMsg,
Icon: userVo.Avatar, Icon: userVo.Avatar,
Content: prompt, Content: template.HTMLEscapeString(prompt),
Tokens: promptToken, Tokens: promptToken,
UseContext: true, UseContext: true,
} }

12
web/src/views/ChatPlus.vue
View File

@ -245,7 +245,7 @@ import {
VideoPause VideoPause
} from '@element-plus/icons-vue' } from '@element-plus/icons-vue'
import 'highlight.js/styles/a11y-dark.css' import 'highlight.js/styles/a11y-dark.css'
import {dateFormat, isMobile, randString, removeArrayItem, renderInputText, UUID} from "@/utils/libs"; import {dateFormat, isMobile, randString, removeArrayItem, UUID} from "@/utils/libs";
import {ElMessage, ElMessageBox} from "element-plus"; import {ElMessage, ElMessageBox} from "element-plus";
import hl from "highlight.js"; import hl from "highlight.js";
import {getSessionId, getUserToken, removeUserToken} from "@/store/session"; import {getSessionId, getUserToken, removeUserToken} from "@/store/session";
@ -690,13 +690,12 @@ const sendMessage = function () {
if (prompt.value.trim().length === 0 || canSend.value === false) { if (prompt.value.trim().length === 0 || canSend.value === false) {
return false; return false;
} }
// //
chatData.value.push({ chatData.value.push({
type: "prompt", type: "prompt",
id: randString(32), id: randString(32),
icon: loginUser.value.avatar, icon: loginUser.value.avatar,
content: renderInputText(prompt.value), content: md.render(prompt.value),
created_at: new Date().getTime(), created_at: new Date().getTime(),
}); });
@ -761,10 +760,7 @@ const loadChatHistory = function (chatId) {
} }
showHello.value = false showHello.value = false
for (let i = 0; i < data.length; i++) { for (let i = 0; i < data.length; i++) {
if (data[i].type === "prompt") { if (data[i].type === "mj") {
chatData.value.push(data[i]);
continue;
} else if (data[i].type === "mj") {
data[i].content = JSON.parse(data[i].content) data[i].content = JSON.parse(data[i].content)
data[i].content.html = md.render(data[i].content?.content) data[i].content.html = md.render(data[i].content?.content)
chatData.value.push(data[i]); chatData.value.push(data[i]);
@ -802,7 +798,7 @@ const reGenerate = function () {
type: "prompt", type: "prompt",
id: randString(32), id: randString(32),
icon: loginUser.value.avatar, icon: loginUser.value.avatar,
content: renderInputText(text) content: md.render(text)
}); });
socket.value.send(text); socket.value.send(text);
} }