修复宽带产品管理页面中xss漏洞

package.json

@@ -54,7 +54,8 @@
     "vuedraggable": "^2.23.2",
     "vuedraggable": "^2.23.2",
     "vuex": "^3.1.2",
     "vuex": "^3.1.2",
     "vuex-class": "^0.3.1",
     "vuex-class": "^0.3.1",
-    "webpack": "^4.41.2"
+    "webpack": "^4.41.2",
+    "xss": "^1.0.11"
   },
   },
   "devDependencies": {
   "devDependencies": {
     "@babel/polyfill": "^7.7.0",
     "@babel/polyfill": "^7.7.0",

src/views/school-center/productManagement/product.vue

@@ -150,13 +150,13 @@
                         </a-select>
                         </a-select>
                     </a-form-item>
                     </a-form-item>
                     <a-form-item :labelCol="{span: 5}" :wrapperCol="{span: 18, offset: 1}" label="产品情况：">
                     <a-form-item :labelCol="{span: 5}" :wrapperCol="{span: 18, offset: 1}" label="产品情况：">
-                        <mavon-editor @save="saveProductIntroduction" ref="editor_a" v-model="productIntroduction"></mavon-editor>
+                        <mavon-editor @save="saveProductIntroduction" ref="editor_a" v-model="productIntroduction" :xssOptions="{}"></mavon-editor>
                     </a-form-item>
                     </a-form-item>
                     <a-form-item :labelCol="{span: 5}" :wrapperCol="{span: 18, offset: 1}" label="单宽资费介绍：">
                     <a-form-item :labelCol="{span: 5}" :wrapperCol="{span: 18, offset: 1}" label="单宽资费介绍：">
-                        <mavon-editor @save="saveProductSetMealIntroduction" ref="editor_b" v-model="productSetMealIntroduction"></mavon-editor>
+                        <mavon-editor @save="saveProductSetMealIntroduction" ref="editor_b" v-model="productSetMealIntroduction" :xssOptions="{}"></mavon-editor>
                     </a-form-item>
                     </a-form-item>
                     <a-form-item :labelCol="{span: 5}" :wrapperCol="{span: 18, offset: 1}" label="融合资费介绍：">
                     <a-form-item :labelCol="{span: 5}" :wrapperCol="{span: 18, offset: 1}" label="融合资费介绍：">
-                        <mavon-editor @save="saveProductRf2" ref="editor_c" v-model="productRf2"></mavon-editor>
+                        <mavon-editor @save="saveProductRf2" ref="editor_c" v-model="productRf2" :xssOptions="{}"></mavon-editor>
                     </a-form-item>
                     </a-form-item>
                 </div>
                 </div>
             </a-form>
             </a-form>
@@ -293,9 +293,10 @@
         methods: {
         methods: {
             saveProductIntroduction(markdown, html) {
             saveProductIntroduction(markdown, html) {
                 // 此时会自动将 markdown 和 html 传递到这个方法中
                 // 此时会自动将 markdown 和 html 传递到这个方法中
+
                 console.log("markdown内容:" + markdown);
                 console.log("markdown内容:" + markdown);
                 //alert("html内容:" + html);
                 //alert("html内容:" + html);
-                this.productIntroduction = html;
+                this.productIntroduction = html
             },
             },
             saveProductSetMealIntroduction(markdown, html) {
             saveProductSetMealIntroduction(markdown, html) {
                 // 此时会自动将 markdown 和 html 传递到这个方法中
                 // 此时会自动将 markdown 和 html 传递到这个方法中