diff --git "a/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" "b/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" index 1d40d06..ecad4c3 100644 --- "a/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" +++ "b/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" @@ -2304,7 +2304,8 @@ ### 7.33 版本 v2.4.0 Release Notes[规划中] - 1、【优化】执行器任务Bean扫描逻辑优化:解决懒加载注解失效问题。 - 2、【优化】多个项目依赖升级至较新稳定版本,涉及netty、groovy、spring、springboot、mybatis等; -- 3、【修复】"CVE-2022-36157"授权漏洞修复。 +- 3、【修复】"CVE-2022-36157" 授权漏洞修复。 +- 4、【修复】"CVE-2022-43183" SSRF漏洞修复。 ### 7.34 新版本规划 [规划中] diff --git "a/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" "b/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" index 1d40d06..ecad4c3 100644 --- "a/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" +++ "b/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" @@ -2304,7 +2304,8 @@ ### 7.33 版本 v2.4.0 Release Notes[规划中] - 1、【优化】执行器任务Bean扫描逻辑优化:解决懒加载注解失效问题。 - 2、【优化】多个项目依赖升级至较新稳定版本,涉及netty、groovy、spring、springboot、mybatis等; -- 3、【修复】"CVE-2022-36157"授权漏洞修复。 +- 3、【修复】"CVE-2022-36157" 授权漏洞修复。 +- 4、【修复】"CVE-2022-43183" SSRF漏洞修复。 ### 7.34 新版本规划 [规划中] diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java index dcf5bb8..67faebc 100644 --- a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java +++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java @@ -1,7 +1,7 @@ package com.xxl.job.admin.controller; -import com.xxl.job.admin.core.exception.XxlJobException; import com.xxl.job.admin.core.complete.XxlJobCompleter; +import com.xxl.job.admin.core.exception.XxlJobException; import com.xxl.job.admin.core.model.XxlJobGroup; import com.xxl.job.admin.core.model.XxlJobInfo; import com.xxl.job.admin.core.model.XxlJobLog; @@ -129,22 +129,26 @@ model.addAttribute("triggerCode", jobLog.getTriggerCode()); model.addAttribute("handleCode", jobLog.getHandleCode()); - model.addAttribute("executorAddress", jobLog.getExecutorAddress()); - model.addAttribute("triggerTime", jobLog.getTriggerTime().getTime()); model.addAttribute("logId", jobLog.getId()); return "joblog/joblog.detail"; } @RequestMapping("/logDetailCat") @ResponseBody - public ReturnT logDetailCat(String executorAddress, long triggerTime, long logId, int fromLineNum){ + public ReturnT logDetailCat(long logId, int fromLineNum){ try { - ExecutorBiz executorBiz = XxlJobScheduler.getExecutorBiz(executorAddress); - ReturnT logResult = executorBiz.log(new LogParam(triggerTime, logId, fromLineNum)); + // valid + XxlJobLog jobLog = xxlJobLogDao.load(logId); // todo, need to improve performance + if (jobLog == null) { + return new ReturnT(ReturnT.FAIL_CODE, I18nUtil.getString("joblog_logid_unvalid")); + } + + // log cat + ExecutorBiz executorBiz = XxlJobScheduler.getExecutorBiz(jobLog.getExecutorAddress()); + ReturnT logResult = executorBiz.log(new LogParam(jobLog.getTriggerTime().getTime(), logId, fromLineNum)); // is end if (logResult.getContent()!=null && logResult.getContent().getFromLineNum() > logResult.getContent().getToLineNum()) { - XxlJobLog jobLog = xxlJobLogDao.load(logId); if (jobLog.getHandleCode() > 0) { logResult.getContent().setEnd(true); } diff --git "a/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" "b/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" index 1d40d06..ecad4c3 100644 --- "a/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" +++ "b/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" @@ -2304,7 +2304,8 @@ ### 7.33 版本 v2.4.0 Release Notes[规划中] - 1、【优化】执行器任务Bean扫描逻辑优化:解决懒加载注解失效问题。 - 2、【优化】多个项目依赖升级至较新稳定版本,涉及netty、groovy、spring、springboot、mybatis等; -- 3、【修复】"CVE-2022-36157"授权漏洞修复。 +- 3、【修复】"CVE-2022-36157" 授权漏洞修复。 +- 4、【修复】"CVE-2022-43183" SSRF漏洞修复。 ### 7.34 新版本规划 [规划中] diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java index dcf5bb8..67faebc 100644 --- a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java +++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java @@ -1,7 +1,7 @@ package com.xxl.job.admin.controller; -import com.xxl.job.admin.core.exception.XxlJobException; import com.xxl.job.admin.core.complete.XxlJobCompleter; +import com.xxl.job.admin.core.exception.XxlJobException; import com.xxl.job.admin.core.model.XxlJobGroup; import com.xxl.job.admin.core.model.XxlJobInfo; import com.xxl.job.admin.core.model.XxlJobLog; @@ -129,22 +129,26 @@ model.addAttribute("triggerCode", jobLog.getTriggerCode()); model.addAttribute("handleCode", jobLog.getHandleCode()); - model.addAttribute("executorAddress", jobLog.getExecutorAddress()); - model.addAttribute("triggerTime", jobLog.getTriggerTime().getTime()); model.addAttribute("logId", jobLog.getId()); return "joblog/joblog.detail"; } @RequestMapping("/logDetailCat") @ResponseBody - public ReturnT logDetailCat(String executorAddress, long triggerTime, long logId, int fromLineNum){ + public ReturnT logDetailCat(long logId, int fromLineNum){ try { - ExecutorBiz executorBiz = XxlJobScheduler.getExecutorBiz(executorAddress); - ReturnT logResult = executorBiz.log(new LogParam(triggerTime, logId, fromLineNum)); + // valid + XxlJobLog jobLog = xxlJobLogDao.load(logId); // todo, need to improve performance + if (jobLog == null) { + return new ReturnT(ReturnT.FAIL_CODE, I18nUtil.getString("joblog_logid_unvalid")); + } + + // log cat + ExecutorBiz executorBiz = XxlJobScheduler.getExecutorBiz(jobLog.getExecutorAddress()); + ReturnT logResult = executorBiz.log(new LogParam(jobLog.getTriggerTime().getTime(), logId, fromLineNum)); // is end if (logResult.getContent()!=null && logResult.getContent().getFromLineNum() > logResult.getContent().getToLineNum()) { - XxlJobLog jobLog = xxlJobLogDao.load(logId); if (jobLog.getHandleCode() > 0) { logResult.getContent().setEnd(true); } diff --git a/xxl-job-admin/src/main/resources/static/js/joblog.detail.1.js b/xxl-job-admin/src/main/resources/static/js/joblog.detail.1.js index ddefd46..0638eee 100644 --- a/xxl-job-admin/src/main/resources/static/js/joblog.detail.1.js +++ b/xxl-job-admin/src/main/resources/static/js/joblog.detail.1.js @@ -25,8 +25,6 @@ async: false, // sync, make log ordered url : base_url + '/joblog/logDetailCat', data : { - "executorAddress":executorAddress, - "triggerTime":triggerTime, "logId":logId, "fromLineNum":fromLineNum }, diff --git "a/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" "b/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" index 1d40d06..ecad4c3 100644 --- "a/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" +++ "b/doc/XXL-JOB\345\256\230\346\226\271\346\226\207\346\241\243.md" @@ -2304,7 +2304,8 @@ ### 7.33 版本 v2.4.0 Release Notes[规划中] - 1、【优化】执行器任务Bean扫描逻辑优化:解决懒加载注解失效问题。 - 2、【优化】多个项目依赖升级至较新稳定版本,涉及netty、groovy、spring、springboot、mybatis等; -- 3、【修复】"CVE-2022-36157"授权漏洞修复。 +- 3、【修复】"CVE-2022-36157" 授权漏洞修复。 +- 4、【修复】"CVE-2022-43183" SSRF漏洞修复。 ### 7.34 新版本规划 [规划中] diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java index dcf5bb8..67faebc 100644 --- a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java +++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java @@ -1,7 +1,7 @@ package com.xxl.job.admin.controller; -import com.xxl.job.admin.core.exception.XxlJobException; import com.xxl.job.admin.core.complete.XxlJobCompleter; +import com.xxl.job.admin.core.exception.XxlJobException; import com.xxl.job.admin.core.model.XxlJobGroup; import com.xxl.job.admin.core.model.XxlJobInfo; import com.xxl.job.admin.core.model.XxlJobLog; @@ -129,22 +129,26 @@ model.addAttribute("triggerCode", jobLog.getTriggerCode()); model.addAttribute("handleCode", jobLog.getHandleCode()); - model.addAttribute("executorAddress", jobLog.getExecutorAddress()); - model.addAttribute("triggerTime", jobLog.getTriggerTime().getTime()); model.addAttribute("logId", jobLog.getId()); return "joblog/joblog.detail"; } @RequestMapping("/logDetailCat") @ResponseBody - public ReturnT logDetailCat(String executorAddress, long triggerTime, long logId, int fromLineNum){ + public ReturnT logDetailCat(long logId, int fromLineNum){ try { - ExecutorBiz executorBiz = XxlJobScheduler.getExecutorBiz(executorAddress); - ReturnT logResult = executorBiz.log(new LogParam(triggerTime, logId, fromLineNum)); + // valid + XxlJobLog jobLog = xxlJobLogDao.load(logId); // todo, need to improve performance + if (jobLog == null) { + return new ReturnT(ReturnT.FAIL_CODE, I18nUtil.getString("joblog_logid_unvalid")); + } + + // log cat + ExecutorBiz executorBiz = XxlJobScheduler.getExecutorBiz(jobLog.getExecutorAddress()); + ReturnT logResult = executorBiz.log(new LogParam(jobLog.getTriggerTime().getTime(), logId, fromLineNum)); // is end if (logResult.getContent()!=null && logResult.getContent().getFromLineNum() > logResult.getContent().getToLineNum()) { - XxlJobLog jobLog = xxlJobLogDao.load(logId); if (jobLog.getHandleCode() > 0) { logResult.getContent().setEnd(true); } diff --git a/xxl-job-admin/src/main/resources/static/js/joblog.detail.1.js b/xxl-job-admin/src/main/resources/static/js/joblog.detail.1.js index ddefd46..0638eee 100644 --- a/xxl-job-admin/src/main/resources/static/js/joblog.detail.1.js +++ b/xxl-job-admin/src/main/resources/static/js/joblog.detail.1.js @@ -25,8 +25,6 @@ async: false, // sync, make log ordered url : base_url + '/joblog/logDetailCat', data : { - "executorAddress":executorAddress, - "triggerTime":triggerTime, "logId":logId, "fromLineNum":fromLineNum }, diff --git a/xxl-job-admin/src/main/resources/templates/joblog/joblog.detail.ftl b/xxl-job-admin/src/main/resources/templates/joblog/joblog.detail.ftl index 3881cfa..bb8072f 100644 --- a/xxl-job-admin/src/main/resources/templates/joblog/joblog.detail.ftl +++ b/xxl-job-admin/src/main/resources/templates/joblog/joblog.detail.ftl @@ -62,8 +62,6 @@ // 参数 var triggerCode = '${triggerCode}'; var handleCode = '${handleCode}'; - var executorAddress = '${executorAddress!}'; - var triggerTime = '${triggerTime?c}'; var logId = '${logId}';