我一直在使用此代码,到目前为止,它一直有效,但是我有点担心它的安全性(例如,在重定向查询中使用example.com入侵重定向),默认情况下VueJS是否安全?
try {
await this.$store.dispatch("auth/login", this.form);
this.$router.replace((this.$route.query as any).redirect || '/dashboard');
{
path: "*",
redirect: "/404"
},
{
path: "/404",
component: NotFound
},
router.beforeResolve((to, from, next) => {
let { permissions, shouldBeLoggedIn } = to.meta;
if (typeof shouldBeLoggedIn !== "undefined") {
const isLoggedIn = store.getters["auth/isLoggedIn"];
if (isLoggedIn !== shouldBeLoggedIn) {
router.push({ name: "Login", query: { redirect: to.path } });
return;
}
}
if (permissions) {
if (!Array.isArray(permissions)) {
permissions = [permissions];
}
for (const permission of permissions) {
if (!store.getters["auth/hasPermission"](permission)) {
next("/error/forbidden");
return;
}
}
}
next();