28042 1.5敏感信息泄露【中】

one_stop_public/App/ExportCurrentInfo/index.js

@@ -49,16 +49,14 @@ export default class ExportCurrentInfo extends React.Component {
   }
 
   exportData = () => {
-    let downloadUrl = config.httpServer + '/DataObjApi/exportCurrent?';
-    const token = getToken() != null && getToken() != 'null' ? getToken() : '0000';
-    downloadUrl = `${downloadUrl}token=${token}`;
-
+    let downloadUrl = config.httpServer + '/DataObjApi/exportCurrent';
     let param = {
       dataObjId: this.props.objId,
       query: this.props.query,
       custom: this.props.custom,
       sql: this.props.sql,
       index: this.props.index,
+      // token: getToken(),
     };
     if(this.props.openSelectFieldsModal){ // 26598 自定义数据导出---导出字段调整，，，注意数据权限
 
@@ -76,10 +74,12 @@ export default class ExportCurrentInfo extends React.Component {
   downloadFile(url, params) {
     this.setState({ confirmLoading: true });
     let newApi = giveFilePostDataInfoForTrue(params, url);
+    if(newApi && newApi.datas){
+      newApi.datas.token = getToken();
+    }
     fetch(newApi.url, {
       method: 'POST',
-      body: FormdataWrapper(newApi.datas,
-      ),
+      body: FormdataWrapper(newApi.datas),
       ...getHeaders(),
     })
       .then((res) => {

one_stop_public/App/ImportUtil.js

@@ -223,10 +223,12 @@ export default class ImportUtil extends React.PureComponent {
       importConfig: importConfig ? JSON.stringify(importConfig) : null,
       objId,
       fileName,
-      token: getToken(),
     };
     let url = `${config.httpServer}/DataObjApi/importTemplateDownload`;
     let newParams = giveFilePostDataInfoForTrue(params, url);
+    if(newParams && newParams.datas){
+      newParams.datas.token = getToken();
+    }
     fetch(newParams.url, {
       method: 'POST',
       body: FormdataWrapper(newParams.datas),