diff --git a/app/electron/init.html b/app/electron/init.html
index ba010adf4..3e9c6c9f3 100644
--- a/app/electron/init.html
+++ b/app/electron/init.html
@@ -421,17 +421,49 @@
// macOS 端对工作空间放置在 iCloud 路径下做检查 https://github.com/siyuan-note/siyuan/issues/7747
const path = require('path')
- const iCloudRoot = path.join(decodeURIComponent(getSearch('home')), 'Library', 'Mobile Documents')
- const allFiles = walk(iCloudRoot)
+ const homePath = decodeURIComponent(getSearch('home'))
const absPathLower = absPath.toLowerCase()
- for (const file of allFiles) {
- if (-1 < absPathLower.indexOf(file.toLowerCase())) {
- return true
+ const iCloudRoot = path.join(homePath, 'Library', 'Mobile Documents')
+ if (!simpleCheckIcloudPath(absPath, homePath)) {
+ // 简单判断无法通过则复杂验证
+ const allFiles = walk(iCloudRoot)
+ for (const file of allFiles) {
+ if (-1 < absPathLower.indexOf(file.toLowerCase())) {
+ return true
+ }
}
}
return false
}
+ // 简单判断 iCloud 同步目录
+ // 不允许 为桌面 文档 和 iCloud 文件夹 和软链接
+ const simpleCheckIcloudPath = (absPath, homePath) => {
+ const fs = require('fs')
+ let stat = fs.lstatSync(absPath)
+ if (stat.isSymbolicLink()) {
+ return false
+ }
+
+ const path = require('path')
+ const absPathLower = absPath.toLowerCase()
+ const iCloudRoot = path.join(homePath, 'Library', 'Mobile Documents')
+ if (absPathLower.startsWith(iCloudRoot.toLowerCase())) {
+ return false
+ }
+
+ const documentsRoot = path.join(homePath, 'Documents')
+ if (absPathLower.startsWith(documentsRoot.toLowerCase())) {
+ return false
+ }
+
+ const desktopRoot = path.join(homePath, 'Desktop')
+ if (absPathLower.startsWith(desktopRoot.toLowerCase())) {
+ return false
+ }
+ return true
+ }
+
const walk = (dir, files = []) => {
let dirFiles;
const fs = require('fs')
@@ -440,7 +472,6 @@
console.log("dir [" + dir + "] not exists")
return files
}
-
dirFiles = fs.readdirSync(dir)
} catch (e) {
console.error("read dir [" + dir + "] failed: ", e)
@@ -459,9 +490,8 @@
if (files.includes(dir + path.sep + f)) {
continue
}
- walk(dir + path.sep + f, files)
- } else {
files.push(dir + path.sep + f)
+ walk(dir + path.sep + f, files)
}
}
return files
diff --git a/app/src/protyle/wysiwyg/index.ts b/app/src/protyle/wysiwyg/index.ts
index 51ad76df1..0a477f455 100644
--- a/app/src/protyle/wysiwyg/index.ts
+++ b/app/src/protyle/wysiwyg/index.ts
@@ -21,7 +21,8 @@ import {isLocalPath, pathPosix} from "../../util/pathName";
import {genEmptyElement} from "../../block/util";
import {previewImage} from "../preview/image";
import {
- contentMenu, enterBack,
+ contentMenu,
+ enterBack,
fileAnnotationRefMenu,
imgMenu,
linkMenu,
@@ -1527,7 +1528,8 @@ export class WYSIWYG {
(!event.isComposing || (event.isComposing && range.toString() !== "")) // https://github.com/siyuan-note/siyuan/issues/4341
) {
// 搜狗输入法不走 keydown,需重新记录历史状态
- if (nodeElement && typeof protyle.wysiwyg.lastHTMLs[nodeElement.getAttribute("data-node-id")] === "undefined") {
+ if (range.toString() === "" && // windows 下回车新建块输入abc,选中 bc ctrl+m 后光标错误
+ nodeElement && typeof protyle.wysiwyg.lastHTMLs[nodeElement.getAttribute("data-node-id")] === "undefined") {
range.insertNode(document.createElement("wbr"));
protyle.wysiwyg.lastHTMLs[nodeElement.getAttribute("data-node-id")] = nodeElement.outerHTML;
nodeElement.querySelector("wbr").remove();
diff --git a/kernel/model/session.go b/kernel/model/session.go
index 4a5ebc65b..e1b5d53e2 100644
--- a/kernel/model/session.go
+++ b/kernel/model/session.go
@@ -195,7 +195,7 @@ func CheckAuth(c *gin.Context) {
return
}
- // 通过 API token
+ // 通过 API token (header: Authorization)
if authHeader := c.GetHeader("Authorization"); "" != authHeader {
if strings.HasPrefix(authHeader, "Token ") {
token := strings.TrimPrefix(authHeader, "Token ")
@@ -210,6 +210,18 @@ func CheckAuth(c *gin.Context) {
}
}
+ // 通过 API token (query-params: token)
+ if token := c.Query("token"); "" != token {
+ if Conf.Api.Token == token {
+ c.Next()
+ return
+ }
+
+ c.JSON(401, map[string]interface{}{"code": -1, "msg": "Auth failed"})
+ c.Abort()
+ return
+ }
+
if "/check-auth" == c.Request.URL.Path { // 跳过访问授权页
c.Next()
return