优化

2025-08-10 00:52:30 +00:00 · 2025-04-09 19:12:27 +08:00
parent fce158cc23
commit 70f40fd90e
7 changed files with 23 additions and 12 deletions
--- a/app/src/main/java/io/legado/app/data/entities/BaseSource.kt
+++ b/app/src/main/java/io/legado/app/data/entities/BaseSource.kt
@@ -9,7 +9,7 @@ import io.legado.app.constant.AppLog
 import io.legado.app.data.entities.rule.RowUi
 import io.legado.app.help.CacheManager
 import io.legado.app.help.JsExtensions
-import io.legado.app.help.SymmetricCryptoAndroid
+import io.legado.app.help.crypto.SymmetricCryptoAndroid
 import io.legado.app.help.config.AppConfig
 import io.legado.app.help.http.CookieStore
 import io.legado.app.help.source.getShareScope
--- a/app/src/main/java/io/legado/app/help/JsEncodeUtils.kt
+++ b/app/src/main/java/io/legado/app/help/JsEncodeUtils.kt
@@ -6,6 +6,7 @@ import cn.hutool.crypto.digest.HMac
 import cn.hutool.crypto.symmetric.SymmetricCrypto
 import io.legado.app.help.crypto.AsymmetricCrypto
 import io.legado.app.help.crypto.Sign
+import io.legado.app.help.crypto.SymmetricCryptoAndroid
 import io.legado.app.utils.MD5Utils


--- a/app/src/main/java/io/legado/app/help/JsExtensions.kt
+++ b/app/src/main/java/io/legado/app/help/JsExtensions.kt
@@ -333,8 +333,8 @@ interface JsExtensions : JsEncodeUtils {
     * @return 相对路径
     */
    @Deprecated(
-        "Depreted",
-        ReplaceWith("downloadFile(url: String)")
+        "Deprecated",
+        ReplaceWith("downloadFile(url)")
    )
    fun downloadFile(content: String, url: String): String {
        val type = AnalyzeUrl(url, source = getSource(), coroutineContext = context).type
@@ -560,7 +560,11 @@ interface JsExtensions : JsEncodeUtils {
        } else {
            cachePath + File.separator + path
        }
-        return File(aPath)
+        val file = File(aPath)
+        if (!file.canonicalPath.startsWith(cachePath)) {
+            throw SecurityException("非法路径")
+        }
+        return file
    }

    fun readFile(path: String): ByteArray? {
@@ -780,6 +784,10 @@ interface JsExtensions : JsEncodeUtils {
    /**
     * 解析字体Base64数据,返回字体解析类
     */
+    @Deprecated(
+        "Deprecated",
+        ReplaceWith("queryTTF(data)")
+    )
    fun queryBase64TTF(data: String?): QueryTTF? {
        log("queryBase64TTF(String)方法已过时,并将在未来删除；请无脑使用queryTTF(Any)替代，新方法支持传入 url、本地文件、base64、ByteArray 自动判断&自动缓存，特殊情况需禁用缓存请传入第二可选参数false:Boolean")
        return queryTTF(data)
--- a/app/src/main/java/io/legado/app/help/crypto/AsymmetricCrypto.kt
+++ b/app/src/main/java/io/legado/app/help/crypto/AsymmetricCrypto.kt
@@ -1,11 +1,13 @@
 package io.legado.app.help.crypto

+import androidx.annotation.Keep
 import cn.hutool.crypto.KeyUtil
 import cn.hutool.crypto.asymmetric.KeyType
 import io.legado.app.utils.EncoderUtils
 import java.io.InputStream
 import cn.hutool.crypto.asymmetric.AsymmetricCrypto as HutoolAsymmetricCrypto

+@Keep
@Suppress("unused")
 class AsymmetricCrypto(algorithm: String) : HutoolAsymmetricCrypto(algorithm) {

--- a/app/src/main/java/io/legado/app/help/crypto/Sign.kt
+++ b/app/src/main/java/io/legado/app/help/crypto/Sign.kt
@@ -1,24 +1,22 @@
 package io.legado.app.help.crypto

+import androidx.annotation.Keep
 import cn.hutool.crypto.KeyUtil
 import cn.hutool.crypto.asymmetric.Sign as HutoolSign

+@Keep
@Suppress("unused")
 class Sign(algorithm: String): HutoolSign(algorithm) {

    fun setPrivateKey(key: ByteArray): Sign {
-        setPrivateKey(
-            KeyUtil.generatePrivateKey(this.algorithm, key)
-        )
+        setPrivateKey(KeyUtil.generatePrivateKey(algorithm, key))
        return this
    }

    fun setPrivateKey(key: String): Sign = setPrivateKey(key.encodeToByteArray())

    fun setPublicKey(key: ByteArray): Sign {
-        setPublicKey(
-            KeyUtil.generatePublicKey(this.algorithm, key)
-        )
+        setPublicKey(KeyUtil.generatePublicKey(algorithm, key))
        return this
    }

--- a/app/src/main/java/io/legado/app/help/crypto/SymmetricCryptoAndroid.kt
+++ b/app/src/main/java/io/legado/app/help/crypto/SymmetricCryptoAndroid.kt
@@ -1,10 +1,12 @@
-package io.legado.app.help
+package io.legado.app.help.crypto

+import androidx.annotation.Keep
 import cn.hutool.crypto.symmetric.SymmetricCrypto
 import io.legado.app.utils.EncoderUtils
 import java.io.InputStream
 import java.nio.charset.Charset

+@Keep
 class SymmetricCryptoAndroid(
    algorithm: String,
    key: ByteArray?,
--- a/app/src/main/java/io/legado/app/help/storage/Restore.kt
+++ b/app/src/main/java/io/legado/app/help/storage/Restore.kt
@@ -112,7 +112,7 @@ object Restore {
                if (ignoreLocalBook && book.isLocal) {
                    return@forEach
                }
-                if (appDb.bookDao.has(book.bookUrl) == true) {
+                if (appDb.bookDao.has(book.bookUrl)) {
                    updateBooks.add(book)
                } else {
                    newBooks.add(book)