From ca17808f127d6acfd0dd5384353dd63c9ddc5e47 Mon Sep 17 00:00:00 2001 From: chanx <1243304602@qq.com> Date: Mon, 29 Jun 2026 16:38:23 +0800 Subject: [PATCH] fix: user-setting modal fixes and DOMPurify cleanup (#16449) ### Summary fix: user-setting modal fixes and DOMPurify cleanup - HighlightMarkdown: drop post-process DOMPurify pass (ineffective after preprocessLaTeX; Coderabbit CRITICAL #3486038798) - SettingTeam: add invite-only-registered-users hint to add-user modal - SettingModel: reset provider loading state when add-provider modal closes - MCP edit dialog: set maskClosable=false to prevent accidental dismissal - Form: switch FormDescription color from text-muted-foreground to text-text-disabled --- web/src/components/highlight-markdown/index.tsx | 4 +--- web/src/components/ui/form.tsx | 2 +- web/src/locales/en.ts | 2 ++ web/src/locales/zh.ts | 4 +++- web/src/pages/user-setting/mcp/edit-mcp-dialog.tsx | 3 ++- web/src/pages/user-setting/setting-model/index.tsx | 10 +++++++--- .../pages/user-setting/setting-team/add-user-modal.tsx | 4 ++++ 7 files changed, 20 insertions(+), 9 deletions(-) diff --git a/web/src/components/highlight-markdown/index.tsx b/web/src/components/highlight-markdown/index.tsx index c29fe371f3..0aebe43e5d 100644 --- a/web/src/components/highlight-markdown/index.tsx +++ b/web/src/components/highlight-markdown/index.tsx @@ -1,6 +1,5 @@ import { MarkdownRemarkPlugins } from '@/constants/markdown-remark-plugins'; import classNames from 'classnames'; -import DOMPurify from 'dompurify'; import Markdown from 'react-markdown'; import { Prism as SyntaxHighlighter } from 'react-syntax-highlighter'; import { @@ -31,7 +30,6 @@ const HighLightMarkdown = ({ // would let entity-encoded payloads bypass DOMPurify and inject HTML. // Sanitize the *post*-processed string instead. (Coderabbit CRITICAL #3486038798) const processed = children ? preprocessLaTeX(children) : children; - const safeChildren = processed ? DOMPurify.sanitize(processed) : processed; const dir = children ? getDirAttribute(children.replace(citationMarkerReg, '')) : undefined; @@ -67,7 +65,7 @@ const HighLightMarkdown = ({ } as any } > - {safeChildren} + {processed} ); diff --git a/web/src/components/ui/form.tsx b/web/src/components/ui/form.tsx index 0064ae326a..92cf111efa 100644 --- a/web/src/components/ui/form.tsx +++ b/web/src/components/ui/form.tsx @@ -149,7 +149,7 @@ const FormDescription = React.forwardRef<

); diff --git a/web/src/locales/en.ts b/web/src/locales/en.ts index 43745cc384..3dbabe9252 100644 --- a/web/src/locales/en.ts +++ b/web/src/locales/en.ts @@ -1782,6 +1782,8 @@ Example: Virtual Hosted Style`, updateDate: 'Date', role: 'State', invite: 'Invite member', + inviteTip: + 'Only registered users can be invited. Please register the account before sending an invitation.', agree: 'Accept', refuse: 'Decline', teamMembers: 'Team members', diff --git a/web/src/locales/zh.ts b/web/src/locales/zh.ts index 6fe42a0e4c..fe3ad9e161 100644 --- a/web/src/locales/zh.ts +++ b/web/src/locales/zh.ts @@ -964,7 +964,8 @@ NER:使用 spaCy NER 和基于规则的关键词提取来抽取实体和关系 thinkingDefault: '系统默认', thinkingEnabled: '开启', thinkingDisabled: '关闭', - thinkingTip: '仅控制官方模型提供商中的 Qwen、Kimi 和 GLM 模型思考模式。系统默认会关闭 Qwen 思考,以避免任务长时间运行。', + thinkingTip: + '仅控制官方模型提供商中的 Qwen、Kimi 和 GLM 模型思考模式。系统默认会关闭 Qwen 思考,以避免任务长时间运行。', quote: '显示引文', quoteTip: '是否应该显示原文出处?', selfRag: 'Self-RAG', @@ -1468,6 +1469,7 @@ NER:使用 spaCy NER 和基于规则的关键词提取来抽取实体和关系 updateDate: '日期', role: '状态', invite: '邀请成员', + inviteTip: '仅支持邀请已注册用户,请先完成注册。', agree: '同意', refuse: '拒绝', teamMembers: '团队成员', diff --git a/web/src/pages/user-setting/mcp/edit-mcp-dialog.tsx b/web/src/pages/user-setting/mcp/edit-mcp-dialog.tsx index b472d21965..efa316f86a 100644 --- a/web/src/pages/user-setting/mcp/edit-mcp-dialog.tsx +++ b/web/src/pages/user-setting/mcp/edit-mcp-dialog.tsx @@ -105,7 +105,7 @@ export function EditMcpDialog({ : tools; }, [data.variables?.tools, tools]); - const disabled = !!!tools?.length || testLoading || fieldChanged; + const disabled = !tools?.length || testLoading || fieldChanged; return ( //

@@ -174,6 +174,7 @@ export function EditMcpDialog({ onCancel={hideModal} cancelText={t('common.cancel')} okText={t('common.save')} + maskClosable={false} footer={ diff --git a/web/src/pages/user-setting/setting-model/index.tsx b/web/src/pages/user-setting/setting-model/index.tsx index 4b990989de..43eb07c6b6 100644 --- a/web/src/pages/user-setting/setting-model/index.tsx +++ b/web/src/pages/user-setting/setting-model/index.tsx @@ -11,7 +11,7 @@ import type { IAddProviderInstanceRequestBody, IModelInfo, } from '@/interfaces/request/llm'; -import { useCallback, useMemo, useState } from 'react'; +import { useCallback, useEffect, useMemo, useState } from 'react'; import { isLocalLlmFactory } from '../utils'; import SystemSetting from './components/system-setting'; import { AvailableModels } from './components/un-add-model'; @@ -140,6 +140,12 @@ const ModelProviders = () => { [addProviderInstance, addInstanceModel], ); + useEffect(() => { + if (!providerVisible) { + setProviderLoading(false); + } + }, [providerVisible]); + const handleProviderVerify = useCallback( async (params: any) => { // ProviderModal's handleVerify flattens verifyArgs onto params @@ -354,7 +360,6 @@ const ModelProviders = () => {
- {/* Unified ProviderModal (replaces 9 independent modals) */} { onVerify={handleProviderVerify} onViewModeOk={handleViewModeOk} /> - + + {t('setting.inviteTip')} + )}