Merge pull request 'fix:安全问题修复。新增书签耗时长问题修复' (#22) from dev into master

Reviewed-on: #22

bookMarkService/business/bookmark/src/main/java/com/fanxb/bookmark/business/bookmark/service/impl/BookmarkServiceImpl.java

@@ -43,6 +43,7 @@ import java.io.File;
 import java.io.FileOutputStream;
 import java.io.InputStream;
 import java.net.MalformedURLException;
+import java.net.SocketTimeoutException;
 import java.net.URL;
 import java.net.URLEncoder;
 import java.nio.charset.Charset;
@@ -280,11 +281,14 @@ public class BookmarkServiceImpl implements BookmarkService {
         bookmark.setUserId(userId);
         bookmark.setCreateTime(System.currentTimeMillis());
         bookmark.setAddTime(bookmark.getCreateTime());
-        bookmark.setIcon(getIconPath(bookmark.getUrl(), bookmark.getIcon(), bookmark.getIconUrl()));
+        bookmark.setIcon(bookmark.getType() == 1 ? "" : getIconPath(bookmark.getUrl(), bookmark.getIcon(), bookmark.getIconUrl(), true));
         //文件夹和书签都建立搜索key
         pinYinService.changeBookmark(bookmark);
         bookmarkDao.insertOne(bookmark);
         userApi.versionPlus(userId);
+        if (StrUtil.isEmpty(bookmark.getIcon()) && bookmark.getType() == 0) {
+            updateIconAsync(bookmark.getBookmarkId(), bookmark.getUrl(), userId);
+        }
         return bookmark;
     }
 
@@ -294,13 +298,33 @@ public class BookmarkServiceImpl implements BookmarkService {
         bookmark.setUserId(userId);
         if (bookmark.getType() == 0) {
             pinYinService.changeBookmark(bookmark);
-            bookmark.setIcon(getIconPath(bookmark.getUrl(), null, null));
+            bookmark.setIcon(getIconPath(bookmark.getUrl(), null, null, true));
+            if (StrUtil.isEmpty(bookmark.getIcon())) {
+                updateIconAsync(bookmark.getBookmarkId(), bookmark.getUrl(), userId);
+            }
         }
         bookmarkDao.editBookmark(bookmark);
         userApi.versionPlus(userId);
         return bookmark.getIcon();
     }
 
+    /**
+     * 异步更新书签icon
+     *
+     * @param id     书签id
+     * @param url    书签url
+     * @param userId userId
+     */
+    private void updateIconAsync(int id, String url, int userId) {
+        ThreadPoolUtil.execute(() -> {
+            String icon = getIconPath(url, null, null, false);
+            if (StrUtil.isEmpty(icon)) {
+                return;
+            }
+            bookmarkDao.updateIcon(id, icon);
+        });
+    }
+
 
     @Override
     @Transactional(rollbackFor = Exception.class)
@@ -353,7 +377,7 @@ public class BookmarkServiceImpl implements BookmarkService {
         while (!(deal = bookmarkDao.selectUserNoIcon(userId, start, size)).isEmpty()) {
             start += size;
             deal.forEach(item -> {
-                String icon = getIconPath(item.getUrl(), null, null);
+                String icon = getIconPath(item.getUrl(), null, null, false);
                 if (StrUtil.isNotEmpty(icon)) {
                     bookmarkDao.updateIcon(item.getBookmarkId(), icon);
                 }
@@ -387,13 +411,14 @@ public class BookmarkServiceImpl implements BookmarkService {
     /**
      * 获取icon,通过网络获取，或者从base64还原
      *
-     * @param url     url
+     * @param url     书签url路径
-     * @param icon    icon
+     * @param icon    base64编码的icon
-     * @param iconUrl iconUrl
+     * @param iconUrl base64编码的文件，文件名,用于获取文件名后缀
+     * @param quick   是否快速获取
      * @return {@link String}
      * @author fanxb
      */
-    private String getIconPath(String url, String icon, String iconUrl) {
+    private String getIconPath(String url, String icon, String iconUrl, boolean quick) {
         String host;
         try {
             URL urlObj = new URL(url);
@@ -420,7 +445,7 @@ public class BookmarkServiceImpl implements BookmarkService {
             return iconPath;
         }
         //再根据url解析
-        iconPath = saveFile(host, urlIconAddress + "/icon?url=" + host + "&size=16..128..256");
+        iconPath = saveFile(host, urlIconAddress + "/icon?url=" + host + "&size=16..128..256", quick);
         if (StrUtil.isNotEmpty(iconPath)) {
             hostIconDao.insert(host, iconPath);
         }
@@ -430,13 +455,14 @@ public class BookmarkServiceImpl implements BookmarkService {
     /**
      * 保存文件到icon路径
      *
-     * @param host host
+     * @param host  host
-     * @param url  url
+     * @param url   url
+     * @param quick 是否快速获取,快速获取超时时间1s
      * @return {@link String}
      * @author FleyX
      */
-    private String saveFile(String host, String url) {
+    private String saveFile(String host, String url, boolean quick) {
-        try (Response res = HttpUtil.getClient(false).newCall(new Request.Builder().url(url)
+        try (Response res = (quick ? HttpUtil.getSHORT_CLIENT() : HttpUtil.getClient(false)).newCall(new Request.Builder().url(url)
                 .header("user-agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36")
                 .get().build()).execute()) {
             assert res.body() != null;
@@ -450,6 +476,8 @@ public class BookmarkServiceImpl implements BookmarkService {
             } else {
                 log.info("未获取到icon:{}", url);
             }
+        } catch (SocketTimeoutException timeoutException) {
+            log.info("获取icon超时：{}", host);
         } catch (Exception e) {
             log.error("url获取icon故障:{}", url, e);
         }

bookMarkService/business/pom.xml

@@ -23,12 +23,6 @@
             <artifactId>bookmark-common</artifactId>
             <version>1.0-SNAPSHOT</version>
         </dependency>
-
-        <!-- https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-web -->
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-web</artifactId>
-        </dependency>
     </dependencies>
 
 

bookMarkService/common/pom.xml

@@ -74,44 +74,44 @@
             <version>8.0.33</version>
         </dependency>
 
-        <!--邮件依赖-->
+<!--        &lt;!&ndash;邮件依赖&ndash;&gt;-->
-        <dependency>
+<!--        <dependency>-->
-            <groupId>org.springframework.boot</groupId>
+<!--            <groupId>org.springframework.boot</groupId>-->
-            <artifactId>spring-boot-starter-mail</artifactId>
+<!--            <artifactId>spring-boot-starter-mail</artifactId>-->
-        </dependency>
+<!--        </dependency>-->
 
-        <!--减负依赖-->
+<!--        &lt;!&ndash;减负依赖&ndash;&gt;-->
-        <dependency>
+<!--        <dependency>-->
-            <groupId>org.projectlombok</groupId>
+<!--            <groupId>org.projectlombok</groupId>-->
-            <artifactId>lombok</artifactId>
+<!--            <artifactId>lombok</artifactId>-->
-        </dependency>
+<!--        </dependency>-->
-        <!--json工具依赖-->
+<!--        &lt;!&ndash;json工具依赖&ndash;&gt;-->
-        <dependency>
+<!--        <dependency>-->
-            <groupId>com.alibaba</groupId>
+<!--            <groupId>com.alibaba</groupId>-->
-            <artifactId>fastjson</artifactId>
+<!--            <artifactId>fastjson</artifactId>-->
-            <version>1.2.83</version>
+<!--            <version>1.2.83</version>-->
-        </dependency>
+<!--        </dependency>-->
 
 
-        <dependency>
+<!--        <dependency>-->
-            <groupId>org.elasticsearch.client</groupId>
+<!--            <groupId>org.elasticsearch.client</groupId>-->
-            <artifactId>elasticsearch-rest-high-level-client</artifactId>
+<!--            <artifactId>elasticsearch-rest-high-level-client</artifactId>-->
-        </dependency>
+<!--        </dependency>-->
 
-        <dependency>
+<!--        <dependency>-->
-            <groupId>cn.hutool</groupId>
+<!--            <groupId>cn.hutool</groupId>-->
-            <artifactId>hutool-all</artifactId>
+<!--            <artifactId>hutool-all</artifactId>-->
-            <version>5.8.21</version>
+<!--            <version>5.8.21</version>-->
-        </dependency>
+<!--        </dependency>-->
 
         <!--单元测试-->
         <!-- https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-test -->
         <!--mysql jdbc依赖-->
-        <dependency>
+<!--        <dependency>-->
-            <groupId>mysql</groupId>
+<!--            <groupId>mysql</groupId>-->
-            <artifactId>mysql-connector-java</artifactId>
+<!--            <artifactId>mysql-connector-java</artifactId>-->
-            <version>8.0.33</version>
+<!--            <version>8.0.33</version>-->
-        </dependency>
+<!--        </dependency>-->
 
         <!--邮件依赖-->
         <dependency>
@@ -140,7 +140,7 @@
         <dependency>
             <groupId>cn.hutool</groupId>
             <artifactId>hutool-all</artifactId>
-            <version>5.8.21</version>
+            <version>5.8.25</version>
         </dependency>
 
         <!--单元测试-->

bookMarkService/common/src/main/java/com/fanxb/bookmark/common/util/HttpUtil.java

@@ -53,6 +53,14 @@ public class HttpUtil {
             .readTimeout(60, TimeUnit.SECONDS)
             .build();
 
+    /**
+     * 超时时间1s
+     */
+    @Getter
+    private static final OkHttpClient SHORT_CLIENT = new OkHttpClient.Builder().connectTimeout(1, TimeUnit.SECONDS)
+            .readTimeout(1, TimeUnit.SECONDS)
+            .build();
+
     /**
      * 获取客户端
      *

bookMarkService/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>2.7.14</version>
+        <version>2.7.17</version>
         <relativePath/>
     </parent>
 

bookmark_front/.gitignore

@@ -24,3 +24,4 @@ pnpm-debug.log*
 *.njsproj
 *.sln
 *.sw?
+