{f.type === "select" ? (
diff --git a/src/admin/drive/P123QRCodeLogin.tsx b/src/admin/drive/P123QRCodeLogin.tsx
index 14ad2a2..fe5286b 100644
--- a/src/admin/drive/P123QRCodeLogin.tsx
+++ b/src/admin/drive/P123QRCodeLogin.tsx
@@ -113,11 +113,11 @@ export function P123QRCodeLogin({ onToken }: { onToken: (token: string) => void
- 使用微信或 123 云盘 App 扫码并确认登录;确认后系统会自动填入 access_token。
+ 使用微信或 123网盘 App 扫码并确认登录;确认后系统会自动填入 access_token。
{session.expiresAt && (
diff --git a/src/admin/drive/WopanQRCodeLogin.tsx b/src/admin/drive/WopanQRCodeLogin.tsx
new file mode 100644
index 0000000..af6705a
--- /dev/null
+++ b/src/admin/drive/WopanQRCodeLogin.tsx
@@ -0,0 +1,148 @@
+import { useEffect, useState } from "react";
+import { QrCode } from "lucide-react";
+import * as api from "../api";
+import { useToast } from "../ToastContext";
+
+function wopanQRStatusClass(
+ status: api.WopanQRStatus | null,
+ completed: boolean,
+ error: string
+): string {
+ if (completed || status?.state === 3) return "is-ok";
+ if (error || status?.state === 4) return "is-error";
+ return "is-pending";
+}
+
+export function WopanQRCodeLogin({
+ onCredentials,
+}: {
+ onCredentials: (credentials: {
+ accessToken: string;
+ refreshToken: string;
+ familyID?: string;
+ }) => void;
+}) {
+ const { show } = useToast();
+ const [session, setSession] = useState(null);
+ const [status, setStatus] = useState(null);
+ const [starting, setStarting] = useState(false);
+ const [pollingError, setPollingError] = useState("");
+ const [completed, setCompleted] = useState(false);
+
+ async function start() {
+ setStarting(true);
+ setPollingError("");
+ setCompleted(false);
+ setStatus(null);
+ try {
+ const next = await api.startWopanQRLogin();
+ setSession(next);
+ } catch (e) {
+ setSession(null);
+ show(e instanceof Error ? e.message : "生成二维码失败", "error");
+ } finally {
+ setStarting(false);
+ }
+ }
+
+ useEffect(() => {
+ if (!session || completed) return;
+ const activeSession = session;
+ let stopped = false;
+ let inFlight = false;
+ let timer: number | undefined;
+
+ async function poll() {
+ if (stopped || inFlight) return;
+ inFlight = true;
+ try {
+ const next = await api.getWopanQRStatus(activeSession.uuid);
+ if (stopped) return;
+ setStatus(next);
+ setPollingError("");
+ if (next.accessToken && next.refreshToken) {
+ stopped = true;
+ if (timer) window.clearInterval(timer);
+ setCompleted(true);
+ onCredentials({
+ accessToken: next.accessToken,
+ refreshToken: next.refreshToken,
+ familyID: next.familyID,
+ });
+ show("扫码成功,已填入 access_token 和 refresh_token,保存后生效", "success");
+ return;
+ }
+ if (next.state === 4) {
+ stopped = true;
+ if (timer) window.clearInterval(timer);
+ }
+ } catch (e) {
+ if (stopped) return;
+ setPollingError(e instanceof Error ? e.message : "查询扫码状态失败");
+ } finally {
+ inFlight = false;
+ }
+ }
+
+ poll();
+ timer = window.setInterval(poll, 1200);
+ return () => {
+ stopped = true;
+ if (timer) window.clearInterval(timer);
+ };
+ }, [session, completed, onCredentials, show]);
+
+ const statusText = completed
+ ? "已获取凭证"
+ : pollingError || status?.statusText || (session ? "等待扫码" : "未生成二维码");
+ const statusClass = wopanQRStatusClass(status, completed, pollingError);
+
+ return (
+ = {
quark: "夸克网盘",
p115: "115 网盘",
- p123: "123 云盘",
+ p123: "123网盘",
pikpak: "PikPak",
- wopan: "联通沃盘",
+ wopan: "联通网盘",
onedrive: "OneDrive",
googledrive: "Google Drive",
localstorage: "本地存储",
@@ -150,11 +150,11 @@ export function credentialHelp(kind: Kind, isEdit: boolean): string {
case "p115":
return `登录 115.com 后复制 Cookie,形如 "UID=...; CID=...; SEID=...; KID=..."。${note}`;
case "p123":
- return `推荐使用扫码登录自动获取 access_token;账号密码登录被 123 云盘风控拦截时,也可以只填写 access_token。播放走 302 跳转到 123 云盘返回的短期 CDN 地址。${note}`;
+ return `推荐使用扫码登录自动获取 access_token;账号密码登录被 123网盘风控拦截时,也可以只填写 access_token。播放走 302 跳转到 123网盘返回的短期 CDN 地址。${note}`;
case "pikpak":
return `填写 PikPak 账号和密码即可。平台、设备 ID、验证码 token 和 refresh token 会由服务端自动处理并保存。${note}`;
case "wopan":
- return `需要 access_token 和 refresh_token。后续会加扫码/短信登录入口,第一版只能手工粘贴。${note}`;
+ return `推荐使用扫码登录自动获取 access_token 和 refresh_token;也可以手工粘贴已有凭证。${note}`;
case "onedrive":
return `按 OpenList 默认应用在线挂载,只需要 refresh_token;保存时会自动刷新并保存 token。${note}`;
case "googledrive":
@@ -226,7 +226,7 @@ export function credentialFields(kind: Kind, creds: Record = {})
{
key: "password",
label: "密码(可选)",
- placeholder: "123 云盘密码",
+ placeholder: "123网盘密码",
},
{
key: "access_token",
@@ -258,6 +258,7 @@ export function credentialFields(kind: Kind, creds: Record = {})
label: "access_token",
placeholder: "",
required: true,
+ help: "扫码成功后会自动填入该字段;如果 token 过期,重新扫码后保存即可。",
},
{
key: "refresh_token",
diff --git a/src/components/VideoCard.tsx b/src/components/VideoCard.tsx
index 6f69e0c..ee94fcb 100644
--- a/src/components/VideoCard.tsx
+++ b/src/components/VideoCard.tsx
@@ -286,7 +286,7 @@ function withRetryParam(src: string, retry: number): string {
}
// 从后端返回的 sourceLabel 推断网盘类型(用于颜色标识)。
-// 后端目前会下发中文名("夸克网盘" / "115 网盘" / "PikPak" / "联通沃盘" / "OneDrive")
+// 后端目前会下发中文名("夸克网盘" / "115 网盘" / "PikPak" / "联通网盘" / "OneDrive")
// 或英文 kind。两边都尝试匹配;都没匹配上时返回空字符串,CSS 会回落到默认色。
function sourceKindFromLabel(label: string): string {
const value = label.toLowerCase();
diff --git a/src/components/VideoPlayer.tsx b/src/components/VideoPlayer.tsx
index 5e84b3a..f521426 100644
--- a/src/components/VideoPlayer.tsx
+++ b/src/components/VideoPlayer.tsx
@@ -110,6 +110,7 @@ const PLAYER_GESTURE_HUD_CLASS = "video-player__art-gesture-hud";
const PLAYER_GESTURE_HUD_ICON_CLASS = "video-player__art-gesture-hud-icon";
const PLAYER_GESTURE_HUD_VALUE_CLASS = "video-player__art-gesture-hud-value";
const PREVIEW_WIDTH = 168;
+const MEDIA_REFERRER_POLICY = "no-referrer";
const BRIGHTNESS_MIN = 0.45;
const BRIGHTNESS_MAX = 1.35;
const GESTURE_ACTIVATION_PX = 12;
@@ -269,9 +270,30 @@ function inferSourceType(src: string) {
const lower = src.toLowerCase();
const cleanPath = lower.split("#")[0].split("?")[0];
if (cleanPath.endsWith(".m3u8") || lower.includes(".m3u8")) return "m3u8";
+ if (isBackendNativeVideoRoute(cleanPath)) return "mp4";
return undefined;
}
+function isBackendNativeVideoRoute(cleanPath: string) {
+ const pathname = sourcePathname(cleanPath);
+ return (
+ pathname.startsWith("/p/stream/") ||
+ pathname.startsWith("/p/upload/") ||
+ pathname.startsWith("/p/spider91/")
+ );
+}
+
+function sourcePathname(src: string) {
+ if (src.startsWith("http://") || src.startsWith("https://")) {
+ try {
+ return new URL(src).pathname.toLowerCase();
+ } catch {
+ return src;
+ }
+ }
+ return src;
+}
+
function mountArtPlayer({
mount,
src,
@@ -305,7 +327,7 @@ function mountArtPlayer({
const option: Option = {
id: "91-detail-player",
container: mount,
- url: src,
+ url: "",
poster,
theme: "var(--video-player-progress)",
lang: "zh-cn",
@@ -350,12 +372,14 @@ function mountArtPlayer({
artRef.current = art;
const video = art.video as VideoElementWithHls;
+ video.setAttribute("referrerpolicy", MEDIA_REFERRER_POLICY);
video.setAttribute("aria-label", title);
video.setAttribute("controlsList", "nodownload");
video.setAttribute("webkit-playsinline", "true");
video.disablePictureInPicture = false;
video.playbackRate = settings.playbackRate;
applyPlayerBrightness(art, settings.brightness);
+ art.url = src;
function preventContextMenu(event: Event) {
event.preventDefault();
diff --git a/src/styles/admin.css b/src/styles/admin.css
index 6b3d2e0..bf61cc8 100644
--- a/src/styles/admin.css
+++ b/src/styles/admin.css
@@ -774,6 +774,7 @@
display: grid;
grid-template-columns: repeat(auto-fit, minmax(170px, 1fr));
gap: var(--space-3);
+ min-width: 0;
}
.admin-crawler-detail__grid .admin-gen-col {
@@ -1739,7 +1740,7 @@
display: grid;
gap: 6px;
width: 100%;
- min-width: 200px;
+ min-width: min(200px, 100%);
max-width: 320px;
}
@@ -1748,6 +1749,7 @@
grid-template-columns: auto auto minmax(0, 1fr);
align-items: center;
gap: 6px;
+ min-width: 0;
}
.admin-generation-kind {
@@ -1763,6 +1765,7 @@
overflow: hidden;
text-overflow: ellipsis;
white-space: nowrap;
+ overflow-wrap: anywhere;
color: var(--text-muted);
font-size: var(--font-xs);
}
@@ -4262,6 +4265,7 @@
grid-template-columns: repeat(auto-fit, minmax(150px, 1fr));
gap: var(--space-3);
margin-bottom: var(--space-4);
+ min-width: 0;
}
.admin-gen-col {
@@ -4272,6 +4276,8 @@
display: flex;
flex-direction: column;
gap: var(--space-2);
+ min-width: 0;
+ overflow: hidden;
}
.admin-gen-col__head {
@@ -4280,24 +4286,35 @@
justify-content: space-between;
gap: var(--space-2);
flex-wrap: wrap;
+ min-width: 0;
}
.admin-gen-col__label {
+ min-width: 0;
font-size: var(--font-sm);
font-weight: var(--weight-semibold);
color: var(--text-strong);
}
.admin-gen-col__detail {
+ display: -webkit-box;
+ max-width: 100%;
+ min-width: 0;
+ overflow: hidden;
+ -webkit-box-orient: vertical;
+ -webkit-line-clamp: 2;
font-size: var(--font-xs);
color: var(--text-muted);
line-height: var(--line-tight);
+ overflow-wrap: anywhere;
+ word-break: break-word;
}
.admin-gen-col__counts {
display: grid;
gap: 5px;
margin-top: 2px;
+ min-width: 0;
}
.admin-gen-col__count {
@@ -4305,10 +4322,14 @@
justify-content: space-between;
align-items: baseline;
font-size: var(--font-xs);
+ gap: var(--space-2);
+ min-width: 0;
}
.admin-gen-col__count span {
+ min-width: 0;
color: var(--text-faint);
+ overflow-wrap: anywhere;
}
.admin-gen-col__count strong {
diff --git a/tests/adminDriveForm.test.ts b/tests/adminDriveForm.test.ts
index 222ba36..ac1c98f 100644
--- a/tests/adminDriveForm.test.ts
+++ b/tests/adminDriveForm.test.ts
@@ -78,8 +78,9 @@ test("spider91 upload target uses explicit local-save option instead of auto tar
assert.match(combinedSource, /本地保存,不上传/);
assert.match(
combinedSource,
- /d\.kind === "pikpak"[\s\S]*d\.kind === "p115"[\s\S]*d\.kind === "p123"[\s\S]*d\.kind === "onedrive"[\s\S]*d\.kind === "googledrive"/
+ /d\.kind === "pikpak"[\s\S]*d\.kind === "p115"[\s\S]*d\.kind === "p123"[\s\S]*d\.kind === "onedrive"[\s\S]*d\.kind === "googledrive"[\s\S]*d\.kind === "wopan"/
);
+ assert.match(crawlerPageSource, /UPLOAD_TARGET_KINDS[\s\S]*"wopan"/);
assert.doesNotMatch(combinedSource, /自动:唯一/);
assert.doesNotMatch(combinedSource, /自动模式/);
assert.doesNotMatch(combinedSource, /较早的视频会上传到该云盘根目录下的 91 Spider 文件夹/);
@@ -193,13 +194,13 @@ test("localstorage drive form asks for a server directory path", () => {
test("drive type selector keeps primary source order", () => {
assert.deepEqual(driveTypeOptions(), [
{ value: "p115", label: "115 网盘" },
- { value: "p123", label: "123 云盘" },
+ { value: "p123", label: "123网盘" },
{ value: "pikpak", label: "PikPak" },
{ value: "onedrive", label: "OneDrive" },
{ value: "googledrive", label: "Google Drive" },
{ value: "localstorage", label: "本地存储" },
{ value: "quark", label: "夸克网盘" },
- { value: "wopan", label: "联通沃盘" },
+ { value: "wopan", label: "联通网盘" },
]);
});
diff --git a/tests/indexReferrerPolicy.test.ts b/tests/indexReferrerPolicy.test.ts
new file mode 100644
index 0000000..99b0e40
--- /dev/null
+++ b/tests/indexReferrerPolicy.test.ts
@@ -0,0 +1,15 @@
+import assert from "node:assert/strict";
+import { readFileSync } from "node:fs";
+import test from "node:test";
+
+const indexHtml = readFileSync(
+ new URL("../index.html", import.meta.url),
+ "utf8"
+);
+
+test("app shell prevents referrer leakage for 302 video playback", () => {
+ assert.match(
+ indexHtml,
+ //
+ );
+});
diff --git a/tests/videoPlayerPoster.test.ts b/tests/videoPlayerPoster.test.ts
index 440631b..c9dcac6 100644
--- a/tests/videoPlayerPoster.test.ts
+++ b/tests/videoPlayerPoster.test.ts
@@ -108,6 +108,23 @@ test("detail player uses custom mobile gestures instead of ArtPlayer native gest
assert.match(playerSource, /addEventListener\("touchmove", handleTouchMove, \{ passive: false \}\)/);
});
+test("detail player treats backend video routes as native mp4 sources", () => {
+ assert.match(playerSource, /if \(isBackendNativeVideoRoute\(cleanPath\)\) return "mp4"/);
+ assert.match(playerSource, /pathname\.startsWith\("\/p\/stream\/"\)/);
+ assert.match(playerSource, /pathname\.startsWith\("\/p\/upload\/"\)/);
+ assert.match(playerSource, /pathname\.startsWith\("\/p\/spider91\/"\)/);
+ assert.doesNotMatch(playerSource, /crossOrigin/);
+});
+
+test("detail player sets referrer policy before loading media url", () => {
+ assert.match(playerSource, /const MEDIA_REFERRER_POLICY = "no-referrer"/);
+ assert.match(playerSource, /url:\s*""/);
+ assert.match(
+ playerSource,
+ /video\.setAttribute\("referrerpolicy", MEDIA_REFERRER_POLICY\);[\s\S]*art\.url = src;/
+ );
+});
+
test("detail player fullscreen long-press rate hint lives inside ArtPlayer", () => {
assert.match(
detailCss,
+
+
+ );
+}
diff --git a/src/admin/drive/constants.ts b/src/admin/drive/constants.ts
index e253020..72c6393 100644
--- a/src/admin/drive/constants.ts
+++ b/src/admin/drive/constants.ts
@@ -25,9 +25,9 @@ export function driveKindAbbr(kind: string): string {
export const kindLabel: Record
+
+
+
+ {statusText}
+
+
+ {session && (
+
+
+
+ )}
+
+
+
+ 使用联通网盘 App 扫码并确认登录;确认后系统会自动填入 access_token 和 refresh_token。
+
+ {session.expiresAt && (
+
+ 过期时间:{new Date(session.expiresAt).toLocaleTimeString("zh-CN", {
+ hour: "2-digit",
+ minute: "2-digit",
+ second: "2-digit",
+ })}
+
+ )}
+ {status?.state === 4 && (
+
+ 当前二维码已过期,请重新生成。
+
+ )}
+