github/new-api
1
0
Fork 0
mirror of https://github.com/QuantumNous/new-api.git synced 2026-04-20 14:38:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: guard new 504/524 status remaps with risk confirmation

Browse Source
This commit is contained in:
Seefs
2026-02-22 20:03:46 +08:00
parent f4dded51ab
commit 4831bb7b5b
11 changed files with 419 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
web/src/components/table/channels/modals/EditChannelModal.jsx
View File

@@ -61,9 +61,11 @@ import OllamaModelModal from './OllamaModelModal';
import CodexOAuthModal from './CodexOAuthModal';
import JSONEditor from '../../../common/ui/JSONEditor';
import SecureVerificationModal from '../../../common/modals/SecureVerificationModal';
import StatusCodeRiskGuardModal from './StatusCodeRiskGuardModal';
import ChannelKeyDisplay from '../../../common/ui/ChannelKeyDisplay';
import { useSecureVerification } from '../../../../hooks/common/useSecureVerification';
import { createApiCalls } from '../../../../services/secureVerification';
import { collectNewDisallowedStatusCodeRedirects } from './statusCodeRiskGuard';
import {
IconSave,
IconClose,
@@ -255,6 +257,12 @@ const EditChannelModal = (props) => {
window.open(targetUrl, '_blank', 'noopener');
};
const [verifyLoading, setVerifyLoading] = useState(false);
const statusCodeRiskConfirmResolverRef = useRef(null);
const [statusCodeRiskConfirmVisible, setStatusCodeRiskConfirmVisible] =
useState(false);
const [statusCodeRiskDetailItems, setStatusCodeRiskDetailItems] = useState(
[],
);
// 表单块导航相关状态
const formSectionRefs = useRef({
@@ -276,6 +284,7 @@ const EditChannelModal = (props) => {
const doubaoApiClickCountRef = useRef(0);
const initialModelsRef = useRef([]);
const initialModelMappingRef = useRef('');
const initialStatusCodeMappingRef = useRef('');
// 2FA状态更新辅助函数
const updateTwoFAState = (updates) => {
@@ -691,6 +700,7 @@ const EditChannelModal = (props) => {
.map((model) => (model || '').trim())
.filter(Boolean);
initialModelMappingRef.current = data.model_mapping || '';
initialStatusCodeMappingRef.current = data.status_code_mapping || '';
let parsedIonet = null;
if (data.other_info) {
@@ -1017,11 +1027,22 @@ const EditChannelModal = (props) => {
if (!isEdit) {
initialModelsRef.current = [];
initialModelMappingRef.current = '';
initialStatusCodeMappingRef.current = '';
}
}, [isEdit, props.visible]);
useEffect(() => {
return () => {
if (statusCodeRiskConfirmResolverRef.current) {
statusCodeRiskConfirmResolverRef.current(false);
statusCodeRiskConfirmResolverRef.current = null;
}
};
}, []);
// 统一的模态框重置函数
const resetModalState = () => {
resolveStatusCodeRiskConfirm(false);
formApiRef.current?.reset();
// 重置渠道设置状态
setChannelSettings({
@@ -1151,6 +1172,22 @@ const EditChannelModal = (props) => {
});
});
const resolveStatusCodeRiskConfirm = (confirmed) => {
setStatusCodeRiskConfirmVisible(false);
setStatusCodeRiskDetailItems([]);
if (statusCodeRiskConfirmResolverRef.current) {
statusCodeRiskConfirmResolverRef.current(confirmed);
statusCodeRiskConfirmResolverRef.current = null;
}
};
const confirmStatusCodeRisk = (detailItems) =>
new Promise((resolve) => {
statusCodeRiskConfirmResolverRef.current = resolve;
setStatusCodeRiskDetailItems(detailItems);
setStatusCodeRiskConfirmVisible(true);
});
const hasModelConfigChanged = (normalizedModels, modelMappingStr) => {
if (!isEdit) return true;
const initialModels = initialModelsRef.current;
@@ -1340,6 +1377,17 @@ const EditChannelModal = (props) => {
}
}
const riskyStatusCodeRedirects = collectNewDisallowedStatusCodeRedirects(
initialStatusCodeMappingRef.current,
localInputs.status_code_mapping,
);
if (riskyStatusCodeRedirects.length > 0) {
const confirmed = await confirmStatusCodeRisk(riskyStatusCodeRedirects);
if (!confirmed) {
return;
}
}
if (localInputs.base_url && localInputs.base_url.endsWith('/')) {
localInputs.base_url = localInputs.base_url.slice(
0,
@@ -3440,6 +3488,12 @@ const EditChannelModal = (props) => {
onVisibleChange={(visible) => setIsModalOpenurl(visible)}
/>
</SideSheet>
<StatusCodeRiskGuardModal
visible={statusCodeRiskConfirmVisible}
detailItems={statusCodeRiskDetailItems}
onCancel={() => resolveStatusCodeRiskConfirm(false)}
onConfirm={() => resolveStatusCodeRiskConfirm(true)}
/>
{/* 使用通用安全验证模态框 */}
<SecureVerificationModal
visible={isModalVisible}

37
web/src/components/table/channels/modals/StatusCodeRiskGuardModal.jsx Normal file
View File

@@ -0,0 +1,37 @@
import React from 'react';
import { useTranslation } from 'react-i18next';
import RiskAcknowledgementModal from '../../../common/modals/RiskAcknowledgementModal';
import {
STATUS_CODE_RISK_I18N_KEYS,
STATUS_CODE_RISK_CHECKLIST_KEYS,
} from './statusCodeRiskGuard';
const StatusCodeRiskGuardModal = ({
visible,
detailItems,
onCancel,
onConfirm,
}) => {
const { t } = useTranslation();
return (
<RiskAcknowledgementModal
visible={visible}
title={t(STATUS_CODE_RISK_I18N_KEYS.title)}
markdownContent={t(STATUS_CODE_RISK_I18N_KEYS.markdown)}
detailTitle={t(STATUS_CODE_RISK_I18N_KEYS.detailTitle)}
detailItems={detailItems}
checklist={STATUS_CODE_RISK_CHECKLIST_KEYS.map((item) => t(item))}
inputPrompt={t(STATUS_CODE_RISK_I18N_KEYS.inputPrompt)}
requiredText={t(STATUS_CODE_RISK_I18N_KEYS.confirmText)}
inputPlaceholder={t(STATUS_CODE_RISK_I18N_KEYS.inputPlaceholder)}
mismatchText={t(STATUS_CODE_RISK_I18N_KEYS.mismatchText)}
cancelText={t('取消')}
confirmText={t(STATUS_CODE_RISK_I18N_KEYS.confirmButton)}
onCancel={onCancel}
onConfirm={onConfirm}
/>
);
};
export default StatusCodeRiskGuardModal;

101
web/src/components/table/channels/modals/statusCodeRiskGuard.js Normal file
View File

@@ -0,0 +1,101 @@
const NON_REDIRECTABLE_STATUS_CODES = new Set([504, 524]);
export const STATUS_CODE_RISK_I18N_KEYS = {
title: '高危操作确认',
detailTitle: '检测到以下高危状态码重定向规则',
inputPrompt: '操作确认',
confirmButton: '我确认开启高危重试',
markdown: '高危状态码重试风险告知与免责声明Markdown',
confirmText: '高危状态码重试风险确认输入文本',
inputPlaceholder: '高危状态码重试风险输入框占位文案',
mismatchText: '高危状态码重试风险输入不匹配提示',
};
export const STATUS_CODE_RISK_CHECKLIST_KEYS = [
'高危状态码重试风险确认项1',
'高危状态码重试风险确认项2',
'高危状态码重试风险确认项3',
'高危状态码重试风险确认项4',
];
function parseStatusCodeKey(rawKey) {
if (typeof rawKey !== 'string') {
return null;
}
const normalized = rawKey.trim();
if (!/^[1-5]\d{2}$/.test(normalized)) {
return null;
}
return Number.parseInt(normalized, 10);
}
function parseStatusCodeMappingTarget(rawValue) {
if (typeof rawValue === 'number' && Number.isInteger(rawValue)) {
return rawValue >= 100 && rawValue <= 599 ? rawValue : null;
}
if (typeof rawValue === 'string') {
const normalized = rawValue.trim();
if (!/^[1-5]\d{2}$/.test(normalized)) {
return null;
}
const code = Number.parseInt(normalized, 10);
return code >= 100 && code <= 599 ? code : null;
}
return null;
}
export function collectDisallowedStatusCodeRedirects(statusCodeMappingStr) {
if (
typeof statusCodeMappingStr !== 'string' ||
statusCodeMappingStr.trim() === ''
) {
return [];
}
let parsed;
try {
parsed = JSON.parse(statusCodeMappingStr);
} catch (error) {
return [];
}
if (!parsed || typeof parsed !== 'object' || Array.isArray(parsed)) {
return [];
}
const riskyMappings = [];
Object.entries(parsed).forEach(([rawFrom, rawTo]) => {
const fromCode = parseStatusCodeKey(rawFrom);
const toCode = parseStatusCodeMappingTarget(rawTo);
if (fromCode === null || toCode === null) {
return;
}
if (!NON_REDIRECTABLE_STATUS_CODES.has(fromCode)) {
return;
}
if (fromCode === toCode) {
return;
}
riskyMappings.push(`${fromCode} -> ${toCode}`);
});
return Array.from(new Set(riskyMappings)).sort();
}
export function collectNewDisallowedStatusCodeRedirects(
originalStatusCodeMappingStr,
currentStatusCodeMappingStr,
) {
const currentRisky = collectDisallowedStatusCodeRedirects(
currentStatusCodeMappingStr,
);
if (currentRisky.length === 0) {
return [];
}
const originalRiskySet = new Set(
collectDisallowedStatusCodeRedirects(originalStatusCodeMappingStr),
);
return currentRisky.filter((mapping) => !originalRiskySet.has(mapping));
}