fix(e2e): regenerate sample.tgz with deterministic gzip header (mtime=0, no FNAME)

Co-authored-by: klboke <18591662+klboke@users.noreply.github.com>

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+  - name: "Security Report / 安全漏洞报告"
+    url: "https://github.com/kekingcn/kkFileView/security/advisories/new"
+    about: "For sensitive security issues, please use private security report. / 涉及敏感安全问题请使用私密安全报告。"

.github/ISSUE_TEMPLATE/feature-request.yml

@@ -0,0 +1,76 @@
+name: "Feature Request / 功能建议"
+description: "Propose a new feature with clear use case and acceptance criteria. / 提交功能建议，请明确场景与验收标准。"
+title: "[FEATURE] "
+labels: ["type/feature", "priority/p2", "status/needs-info"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for your idea! / 感谢你的建议！
+
+        Please provide concrete business scenarios and the expected behavior.
+        请尽量提供明确业务场景和期望行为，便于评估优先级与实现方案。
+
+        For urgent production issues, you can use our Knowledge Planet channel for faster processing:
+        https://wx.zsxq.com/group/48844125114258
+        如为线上紧急问题，可通过知识星球渠道加速处理：
+        https://wx.zsxq.com/group/48844125114258
+
+  - type: textarea
+    id: background
+    attributes:
+      label: "Background / 背景"
+      description: "What problem are you trying to solve? / 你要解决什么问题？"
+      placeholder: "Describe current pain points... / 描述当前痛点..."
+    validations:
+      required: true
+
+  - type: textarea
+    id: proposal
+    attributes:
+      label: "Proposal / 建议方案"
+      description: "What do you expect kkFileView to support? / 期望 kkFileView 支持什么？"
+      placeholder: "Describe expected feature behavior... / 描述期望功能行为..."
+    validations:
+      required: true
+
+  - type: textarea
+    id: use_case
+    attributes:
+      label: "Use Case / 使用场景"
+      description: "Provide 1-3 concrete scenarios. / 提供 1-3 个具体场景"
+      placeholder: |
+        Scenario 1:
+        Scenario 2:
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: "Alternatives / 备选方案"
+      description: "What alternatives have you considered? / 是否考虑过替代方案？"
+      placeholder: "Existing workaround or alternative... / 当前替代做法..."
+    validations:
+      required: false
+
+  - type: textarea
+    id: acceptance
+    attributes:
+      label: "Acceptance Criteria / 验收标准"
+      description: "How do we know this feature is done? / 如何判断该功能完成？"
+      placeholder: |
+        - [ ] Criterion 1
+        - [ ] Criterion 2
+    validations:
+      required: true
+
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: "Checklist / 提交前检查"
+      options:
+        - label: "I have searched existing issues and did not find a duplicate feature request. / 我已搜索现有 issue，未发现重复功能建议"
+          required: true
+        - label: "I provided concrete use cases and expected behavior. / 我已提供具体使用场景和期望行为"
+          required: true

.github/ISSUE_TEMPLATE/issue-report.yml

@@ -0,0 +1,121 @@
+name: "Issue Report / 问题反馈"
+description: "Please provide complete required information to help us reproduce and follow up. / 请完整填写必填信息，便于复现与跟进。"
+title: "[ISSUE] "
+labels: ["status/needs-info"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for your report! / 感谢反馈！
+
+        **Please fill in all required fields.**
+        **请完整填写所有必填项。**
+
+        Incomplete issues may be closed and asked to resubmit.
+        信息不完整的问题可能会被关闭并要求重新提交。
+
+        For urgent production issues, you can use our Knowledge Planet channel for faster processing:
+        https://wx.zsxq.com/group/48844125114258
+        如为线上紧急问题，可通过知识星球渠道加速处理：
+        https://wx.zsxq.com/group/48844125114258
+
+  - type: dropdown
+    id: issue_type
+    attributes:
+      label: "Issue Type / 问题类型"
+      description: "Select the closest type. / 请选择最接近的问题类型"
+      options:
+        - "Bug / 缺陷"
+        - "Performance / 性能问题"
+        - "Security / 安全问题"
+        - "Question / 使用咨询"
+    validations:
+      required: true
+
+  - type: input
+    id: kkfileview_version
+    attributes:
+      label: "kkFileView Version / kkFileView 版本"
+      placeholder: "e.g. 4.4.0"
+    validations:
+      required: true
+
+  - type: input
+    id: deploy_mode
+    attributes:
+      label: "Deployment Mode / 部署方式"
+      description: "jar / docker / k8s / source, etc. / jar / docker / k8s / 源码部署等"
+      placeholder: "e.g. docker"
+    validations:
+      required: true
+
+  - type: textarea
+    id: environment
+    attributes:
+      label: "Environment / 环境信息"
+      description: "OS, JDK, LibreOffice/OpenOffice, browser, reverse proxy, etc. / 操作系统、JDK、Office组件、浏览器、反向代理等"
+      placeholder: |
+        - OS:
+        - JDK:
+        - LibreOffice/OpenOffice:
+        - Browser:
+        - Proxy (Nginx/Ingress):
+    validations:
+      required: true
+
+  - type: textarea
+    id: reproduce_steps
+    attributes:
+      label: "Steps to Reproduce / 复现步骤"
+      description: "Provide clear, minimal, reproducible steps. / 提供清晰、最小可复现步骤"
+      placeholder: |
+        1) ...
+        2) ...
+        3) ...
+    validations:
+      required: true
+
+  - type: textarea
+    id: expected_result
+    attributes:
+      label: "Expected Result / 期望结果"
+      placeholder: "What should happen? / 期望实际应该出现什么结果？"
+    validations:
+      required: true
+
+  - type: textarea
+    id: actual_result
+    attributes:
+      label: "Actual Result / 实际结果"
+      placeholder: "What happened instead? / 实际发生了什么？"
+    validations:
+      required: true
+
+  - type: textarea
+    id: logs
+    attributes:
+      label: "Logs & Screenshots / 日志与截图"
+      description: "Paste key logs/error stack and attach screenshots (mask sensitive data). / 粘贴关键日志或异常堆栈，并上传截图（请脱敏）"
+      render: shell
+    validations:
+      required: true
+
+  - type: textarea
+    id: sample_file
+    attributes:
+      label: "Sample File / 样例文件（可选）"
+      description: "If possible, provide a minimal sample file or reproducible URL (desensitized). / 如可提供，请附最小样例文件或可复现 URL（脱敏）"
+    validations:
+      required: false
+
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: "Checklist / 提交前检查"
+      options:
+        - label: "I have searched existing issues and did not find a duplicate. / 我已搜索现有 issue，未发现重复问题"
+          required: true
+        - label: "I can reproduce this issue on the stated version/environment. / 我可在上述版本与环境复现该问题"
+          required: true
+        - label: "I have masked sensitive information in logs/screenshots. / 我已对日志与截图中的敏感信息做脱敏处理"
+          required: true

.github/workflows/auto-close-old-issues.yml

@@ -0,0 +1,78 @@
+name: Auto Close Old Issues (1y)
+
+on:
+  schedule:
+    # Daily at 02:20 UTC
+    - cron: '20 2 * * *'
+  workflow_dispatch:
+
+permissions:
+  issues: write
+
+jobs:
+  close_old_issues:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Close issues older than 1 year
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const owner = context.repo.owner;
+            const repo = context.repo.repo;
+            const now = new Date();
+            const cutoff = new Date(now.getTime() - 365 * 24 * 60 * 60 * 1000);
+
+            const closeComment = `该 Issue 已超过 1 年未活跃，为便于维护当前问题队列，先做关闭处理。\n\n如该问题在最新版本仍存在，欢迎直接 **Reopen** 本 Issue（或新建 Issue 并关联本单），并补充：\n1. 版本与部署方式\n2. 最小复现步骤\n3. 关键日志/截图（请脱敏）\n\n我们会优先跟进。`;
+
+            let page = 1;
+            let processed = 0;
+            while (true) {
+              const { data: issues } = await github.rest.issues.listForRepo({
+                owner,
+                repo,
+                state: 'open',
+                per_page: 100,
+                page,
+                sort: 'created',
+                direction: 'asc'
+              });
+
+              if (!issues.length) break;
+
+              for (const issue of issues) {
+                // skip pull requests
+                if (issue.pull_request) continue;
+
+                const createdAt = new Date(issue.created_at);
+                if (createdAt > cutoff) {
+                  // list is sorted asc by created time; remaining items are newer
+                  core.info('Reached issues newer than cutoff, stop scanning.');
+                  return;
+                }
+
+                try {
+                  await github.rest.issues.createComment({
+                    owner,
+                    repo,
+                    issue_number: issue.number,
+                    body: closeComment,
+                  });
+
+                  await github.rest.issues.update({
+                    owner,
+                    repo,
+                    issue_number: issue.number,
+                    state: 'closed',
+                  });
+
+                  processed += 1;
+                  core.info(`Closed #${issue.number}`);
+                } catch (e) {
+                  core.warning(`Failed to close #${issue.number}: ${e.message}`);
+                }
+              }
+
+              page += 1;
+            }
+
+            core.info(`Done. Closed ${processed} old issues.`);

.github/workflows/copilot-issue-auto-comment.yml

@@ -0,0 +1,34 @@
+name: Copilot Issue Auto Comment
+
+on:
+  issues:
+    types: [opened]
+  workflow_dispatch:
+
+permissions:
+  issues: write
+
+jobs:
+  copilot_auto_comment:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Ask Copilot to triage issue automatically
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const issue = context.payload.issue;
+            if (!issue) return;
+
+            const owner = context.repo.owner;
+            const repo = context.repo.repo;
+
+            const body = `@copilot 请自动分诊并直接给出可执行建议（无需人工先介入）：\n\n- 先判断类型：Bug / Performance / Security / Question / Feature\n- 检查 Issue 信息是否完整（版本、部署方式、复现步骤、日志）\n- 若信息不完整：请直接按模板列出缺失项并引导补充\n- 若信息较完整：请给出下一步排查建议与最小复现建议\n- 若判断为已知问题或已修复：请给出对应版本/修复方向\n\nIssue #${issue.number}\n标题：${issue.title}\n链接：${issue.html_url}\n\n---\n\n补充说明 / Support Notice:\n- GitHub Issues 会持续跟进处理 / We will continue to follow up through GitHub Issues.\n- 如为线上紧急问题，可通过知识星球渠道加速处理 / For urgent production issues, you can use our Knowledge Planet channel for faster processing:\n  https://wx.zsxq.com/group/48844125114258`;
+
+            await github.rest.issues.createComment({
+              owner,
+              repo,
+              issue_number: issue.number,
+              body,
+            });
+
+            core.info(`Copilot prompt comment posted to #${issue.number}`);

.github/workflows/maven.yml

@@ -12,13 +12,41 @@ on:
 jobs:
   build:
     runs-on: ubuntu-22.04
+
     steps:
-    - uses: actions/checkout@v2
-    - name: Set up JDK 8
-      uses: actions/setup-java@v2
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Set up JDK 21
+      uses: actions/setup-java@v4
       with:
-        java-version: '8'
-        distribution: 'adopt'
-        cache: maven
+        java-version: '21'
+        distribution: 'temurin'  # 使用 Eclipse Temurin (AdoptOpenJDK 的继任者)
+        cache: 'maven'
+
+    - name: Cache Maven packages
+      uses: actions/cache@v4
+      with:
+        path: ~/.m2/repository
+        key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+        restore-keys: |
+          ${{ runner.os }}-maven-
+
     - name: Build with Maven
-      run: mvn -B package --file pom.xml
+      run: mvn -B package -Dmaven.test.skip=true --file pom.xml
+
+    - name: Upload Linux distribution package
+      if: success()
+      uses: actions/upload-artifact@v4
+      with:
+        name: kkfileview-linux
+        path: server/target/*.tar.gz
+        retention-days: 7
+
+    - name: Upload Windows distribution package
+      if: success()
+      uses: actions/upload-artifact@v4
+      with:
+        name: kkfileview-windows
+        path: server/target/*.zip
+        retention-days: 7

.github/workflows/nightly-e2e.yml

@@ -0,0 +1,118 @@
+name: Nightly E2E Full
+
+on:
+  schedule:
+    - cron: '30 18 * * *' # 02:30 Asia/Shanghai
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  e2e-nightly:
+    runs-on: ubuntu-latest
+    timeout-minutes: 50
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup JDK 21
+        uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: '21'
+          cache: maven
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+          cache-dependency-path: tests/e2e/package-lock.json
+
+      - name: Setup Python 3.11
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      - name: Install LibreOffice + archive tools
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y libreoffice zip p7zip-full
+
+      - name: Setup Python deps for office fixtures
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r tests/e2e/requirements.txt
+
+      - name: Build kkFileView
+        run: mvn -q -pl server -DskipTests package
+
+      - name: Install E2E deps
+        working-directory: tests/e2e
+        run: |
+          npm ci
+          npx playwright install --with-deps chromium
+
+      - name: Start fixture server
+        run: |
+          cd tests/e2e/fixtures
+          python3 -m http.server 18080 > /tmp/fixture-server.log 2>&1 &
+
+      - name: Start kkFileView
+        run: |
+          JAR_PATH=$(ls server/target/kkFileView-*.jar | head -n 1)
+          nohup env KK_TRUST_HOST='*' KK_NOT_TRUST_HOST='10.*,172.16.*,192.168.*' java -jar "$JAR_PATH" > /tmp/kkfileview.log 2>&1 &
+
+      - name: Wait for services
+        run: |
+          fixture_ready=false
+          for i in {1..60}; do
+            if curl -fsS http://127.0.0.1:18080/sample.txt >/dev/null; then
+              fixture_ready=true
+              break
+            fi
+            sleep 1
+          done
+          if [ "$fixture_ready" != "true" ]; then
+            echo "Error: fixture server did not become ready within 60 seconds." >&2
+            exit 1
+          fi
+
+          kkfileview_ready=false
+          for i in {1..120}; do
+            if curl -fsS http://127.0.0.1:8012/ >/dev/null; then
+              kkfileview_ready=true
+              break
+            fi
+            sleep 1
+          done
+          if [ "$kkfileview_ready" != "true" ]; then
+            echo "Error: kkFileView service did not become ready within 120 seconds." >&2
+            exit 1
+          fi
+
+      - name: Run nightly E2E suites
+        working-directory: tests/e2e
+        env:
+          KK_BASE_URL: http://127.0.0.1:8012
+          FIXTURE_BASE_URL: http://127.0.0.1:18080
+          E2E_MAX_PREVIEW_MS: 20000
+        run: npm run test:ci
+
+      - name: Upload Playwright report
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: nightly-playwright-report
+          path: tests/e2e/playwright-report
+
+      - name: Upload service logs
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: nightly-e2e-service-logs
+          path: |
+            /tmp/kkfileview.log
+            /tmp/fixture-server.log

.github/workflows/pr-e2e-mvp.yml

@@ -0,0 +1,100 @@
+name: PR E2E MVP
+
+on:
+  pull_request:
+    branches: [master]
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  e2e-mvp:
+    runs-on: ubuntu-latest
+    timeout-minutes: 40
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup JDK 21
+        uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: '21'
+          cache: maven
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+          cache-dependency-path: tests/e2e/package-lock.json
+
+      - name: Setup Python 3.11
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      - name: Install LibreOffice + archive tools
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y libreoffice zip p7zip-full
+
+      - name: Setup Python deps for office fixtures
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r tests/e2e/requirements.txt
+
+      - name: Build kkFileView
+        run: mvn -q -pl server -DskipTests package
+
+      - name: Install E2E deps
+        working-directory: tests/e2e
+        run: |
+          npm install
+          npx playwright install --with-deps chromium
+
+      - name: Start fixture server
+        run: |
+          cd tests/e2e/fixtures
+          python3 -m http.server 18080 > /tmp/fixture-server.log 2>&1 &
+
+      - name: Start kkFileView
+        run: |
+          JAR_PATH=$(ls server/target/kkFileView-*.jar | head -n 1)
+          nohup env KK_TRUST_HOST='*' KK_NOT_TRUST_HOST='10.*,172.16.*,192.168.*' java -jar "$JAR_PATH" > /tmp/kkfileview.log 2>&1 &
+
+      - name: Wait for services
+        run: |
+          for i in {1..60}; do
+            curl -fsS http://127.0.0.1:18080/sample.txt >/dev/null && break
+            sleep 1
+          done
+          for i in {1..120}; do
+            curl -fsS http://127.0.0.1:8012/ >/dev/null && break
+            sleep 1
+          done
+
+      - name: Run E2E
+        working-directory: tests/e2e
+        env:
+          KK_BASE_URL: http://127.0.0.1:8012
+          FIXTURE_BASE_URL: http://127.0.0.1:18080
+        run: npm test
+
+      - name: Upload Playwright report
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: playwright-report
+          path: tests/e2e/playwright-report
+
+      - name: Upload service logs
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: e2e-service-logs
+          path: |
+            /tmp/kkfileview.log
+            /tmp/fixture-server.log

README.cn.md

@@ -53,80 +53,81 @@
 #### 1. 文本预览
 支持所有类型的文本文档预览， 由于文本文档类型过多，无法全部枚举，默认开启的类型如下 txt,html,htm,asp,jsp,xml,xbrl,json,properties,md,gitignore,log,java,py,c,cpp,sql,sh,bat,m,bas,prg,cmd  
 文本预览效果如下  
-![文本预览效果如下](https://kkview.cn/img/preview/preview-text.png)      
+![文本预览效果如下](./doc/img/preview/preview-text.png)      
 
 #### 2. 图片预览
 支持jpg，jpeg，png，gif等图片预览（翻转，缩放，镜像），预览效果如下  
-![图片预览](https://kkview.cn/img/preview/preview-image.png)  
+![图片预览](./doc/img/preview/preview-image.png)  
 
 #### 3. word文档预览
 支持doc，docx文档预览，word预览有两种模式：一种是每页word转为图片预览，另一种是整个word文档转成pdf，再预览pdf。两种模式的适用场景如下  
 * 图片预览：word文件大，前台加载整个pdf过慢
 * pdf预览：内网访问，加载pdf快
 图片预览模式预览效果如下  
-![word文档预览1](https://kkview.cn/img/preview/preview-doc-image.png)  
+![word文档预览1](./doc/img/preview/preview-doc-image.png)  
 pdf预览模式预览效果如下  
-![word文档预览2](https://kkview.cn/img/preview/preview-doc-pdf.png)  
+![word文档预览2](./doc/img/preview/preview-doc-pdf.png)  
 
 #### 4. ppt文档预览
 支持ppt，pptx文档预览，和word文档一样，有两种预览模式  
 图片预览模式预览效果如下  
-![ppt文档预览1](https://kkview.cn/img/preview/preview-ppt-image.png)  
+![ppt文档预览1](./doc/img/preview/preview-ppt-image.png)  
 pdf预览模式预览效果如下  
-![ppt文档预览2](https://kkview.cn/img/preview/preview-ppt-pdf.png)  
+![ppt文档预览2](./doc/img/preview/preview-ppt-pdf.png)  
 
 #### 5. pdf文档预览
 支持pdf文档预览，和word文档一样，有两种预览模式   
 图片预览模式预览效果如下  
-![pdf文档预览1](https://kkview.cn/img/preview/preview-pdf-image.png)  
+![pdf文档预览1](./doc/img/preview/preview-pdf-image.png)  
 pdf预览模式预览效果如下   
-![pdf文档预览2](https://kkview.cn/img/preview/preview-pdf-pdf.png)    
+![pdf文档预览2](./doc/img/preview/preview-pdf-pdf.png)    
 
 #### 6. excel文档预览
 支持xls，xlsx文档预览，预览效果如下  
-![excel文档预览](https://kkview.cn/img/preview/preview-xls.png)  
+![excel文档预览](./doc/img/preview/preview-xls.png)  
 
 #### 7. 压缩文件预览
 支持zip,rar,jar,tar,gzip等压缩包，预览效果如下  
-![压缩文件预览1](https://kkview.cn/img/preview/preview-zip.png)  
+![压缩文件预览1](./doc/img/preview/preview-zip.png)  
 可点击压缩包中的文件名，直接预览文件，预览效果如下  
-![压缩文件预览2](https://kkview.cn/img/preview/preview-zip-inner.png)  
+![压缩文件预览2](./doc/img/preview/preview-zip-inner.png)  
 
 #### 8. 多媒体文件预览
 理论上支持所有的视频、音频文件，由于无法枚举所有文件格式，默认开启的类型如下  
 mp3,wav,mp4,flv  
 视频预览效果如下  
-![多媒体文件预览1](https://kkview.cn/img/preview/preview-video.png)  
+![多媒体文件预览1](./doc/img/preview/preview-video.png)  
 音频预览效果如下  
-![多媒体文件预览2](https://kkview.cn/img/preview/preview-audio.png)  
+![多媒体文件预览2](./doc/img/preview/preview-audio.png)  
 
 #### 9. CAD文档预览
 支持CAD dwg文档预览，和word文档一样，有两种预览模式  
 图片预览模式预览效果如下  
-![cad文档预览1](https://kkview.cn/img/preview/preview-cad-image.png)  
+![cad文档预览1](./doc/img/preview/preview-cad-image.png)  
 pdf预览模式预览效果如下  
-![cad文档预览2](https://kkview.cn/img/preview/preview-cad-pdf.png)  
-考虑说明篇幅原因，就不贴其他格式文件的预览效果了，感兴趣的可以参考下面的实例搭建下
+![cad文档预览2](./doc/img/preview/preview-cad-pdf.png)
 
 #### 10. Excel文件纯前端渲染效果
 
-![Excel文件纯前端渲染效果](https://kkview.cn/img/preview/preview-xlsx-web.png)  
+![Excel文件纯前端渲染效果](./doc/img/preview/preview-xlsx-web.png)  
 
 #### 11. 流程图bpmn文件预览效果
 
-![流程图bpmn文件预览效果](https://kkview.cn/img/preview/preview-bpmn.png)  
+![流程图bpmn文件预览效果](./doc/img/preview/preview-bpmn.png)  
 
 #### 12. 3D模型文件预览效果：
 
-![3D模型文件预览效果](https://kkview.cn/img/preview/preview-3ds.png)  
+![3D模型文件预览效果](./doc/img/preview/preview-3ds.png)  
 
 #### 13. dcm医疗数位影像文件预览效果：
 
-![dcm医疗数位影像文件预览效果](https://kkview.cn/img/preview/preview-dcm.png) 
+![dcm医疗数位影像文件预览效果](./doc/img/preview/preview-dcm.png) 
 
 #### 14. drawio流程图预览效果：
 
-![dcdrawio流程图预览效果](https://kkview.cn/img/preview/preview-drawio.png) 
+![drawio流程图预览效果](./doc/img/preview/preview-drawio.png) 
+
+考虑说明篇幅原因，就不贴其他格式文件的预览效果了，感兴趣的可以参考下面的实例搭建下
 
 ### 快速开始
 > 项目使用技术
@@ -148,7 +149,56 @@ pdf预览模式预览效果如下
 
 ### 历史更新记录
 
-#### > 2023年07月05日，v4.3 版本发布 ：
+#### > 2025年01月16日，v4.4.0 版本发布 ：
+
+### 新增功能
+1. xlsx 新增支持打印功能
+2. 配置文件新增启用 GZIP 压缩
+3. CAD 格式新增支持转换成 SVG 和 TIF 格式，新增超时结束、线程管理
+4. 新增删除文件使用验证码校验
+5. 新增 xbrl 格式预览支持
+6. PDF 预览新增控制签名、绘图、插图控制、搜索定位页码、定义显示内容等功能
+7. 新增 CSV 格式前端解析支持
+8. 新增 ARM64 下的 Docker 镜像支持
+9. 新增 Office 预览支持转换超时属性设置功能
+10. 新增预览文件 host 黑名单机制
+
+### 优化
+1. 优化 OFD 移动端预览 页面不自适应
+2. 更新 xlsx 前端解析组件，加速解析速度
+3. 升级 CAD 组件
+4. office 功能调整，支持批注、转换页码限制、生成水印等功能
+5. 升级 markdown 组件
+6. 升级 dcm 解析组件
+7. 升级 PDF.JS 解析组件
+8. 更换视频播放插件为 ckplayer
+9. tif 解析更加智能化，支持被修改的图片格式
+10. 针对大小文本文件检测字符编码的正确率，处理并发隐患
+11. 重构下载文件的代码，新增通用的文件服务器认证访问的设计
+12. 更新 bootstrap 组件，并精简掉不需要的文件
+13. 更新 epub 版本，优化 epub 显示效果
+14. 解决定时清除缓存时，对于多媒体类型文件，只删除了磁盘缓存文件
+15. 自动检测已安装 Office 组件，增加 LibreOffice 7.5 & 7.6 版本默认路径
+16. 修改 drawio 默认为预览模式
+17. 新增 PDF 线程管理、超时管理、内存缓存管理，更新 PDF 解析组件版本
+18. 优化 Dockerfile，支持真正的跨平台构建镜像
+
+### 修复
+1. 修复 forceUpdatedCache 属性设置，但本地缓存文件不更新的问题
+2. 修复 PDF 解密加密文件转换成功后后台报错的问题
+3. 修复 BPMN 不支持跨域的问题
+4. 修复压缩包二级反代特殊符号错误问题
+5. 修复视频跨域配置导致视频无法预览的问题
+6. 修复 TXT 文本类分页二次加载问题
+7. 修复 Drawio 缺少 Base64 组件的问题
+8. 修复 Markdown 被转义问题
+9. 修复 EPUB 跨域报错问题
+10. 修复 URL 特殊符号问题
+11. 修复压缩包穿越漏洞
+12. 修复压缩获取路径错误、图片合集路径错误、水印问题等 BUG
+13. 修复前端解析 XLSX 包含 EMF 格式文件错误问题
+
+#### > 2023年07月05日，v4.3.0 版本发布 ：
 
 #### 新增功能:
 1. 新增dcm等医疗数位影像预 

SECURITY_CONFIG.md

@@ -0,0 +1,174 @@
+# kkFileView 安全配置指南
+
+## ⚠️ 重要安全更新
+
+从 4.4.0 之后版本开始，kkFileView 增强了安全性，默认拒绝所有未配置的外部文件预览请求，以防止 SSRF（服务器端请求伪造）攻击。
+
+## 🔒 安全配置说明
+
+### 1. 信任主机白名单配置（推荐）
+
+在 `application.properties` 中配置允许预览的域名：
+
+```properties
+# 方式1：通过配置文件
+trust.host = kkview.cn,yourdomain.com,cdn.example.com
+
+# 方式2：通过环境变量
+KK_TRUST_HOST=kkview.cn,yourdomain.com,cdn.example.com
+```
+
+**示例场景**：
+- 只允许预览来自 `oss.aliyuncs.com` 和 `cdn.example.com` 的文件
+```properties
+trust.host = oss.aliyuncs.com,cdn.example.com
+```
+
+### 2. 允许所有主机（不推荐，仅测试环境）
+
+```properties
+trust.host = *
+```
+
+⚠️ **警告**：此配置会允许访问任意外部地址，存在安全风险，仅应在测试环境使用！
+
+### 3. 黑名单配置（高级）
+
+禁止特定域名或内网地址：
+
+```properties
+# 禁止访问内网地址（强烈推荐）
+not.trust.host = localhost,127.0.0.1,192.168.*,10.*,172.16.*,169.254.*
+
+# 禁止特定恶意域名
+not.trust.host = malicious-site.com,spam-domain.net
+```
+
+**优先级**：黑名单 > 白名单
+
+### 4. Docker 环境配置
+
+```bash
+docker run -d \
+  -e KK_TRUST_HOST=yourdomain.com,cdn.example.com \
+  -e KK_NOT_TRUST_HOST=localhost,127.0.0.1 \
+  -p 8012:8012 \
+  keking/kkfileview:4.4.0
+```
+
+## 🛡️ 安全最佳实践
+
+### ✅ 推荐配置
+
+```properties
+# 1. 明确配置信任主机白名单
+trust.host = your-cdn.com,your-storage.com
+
+# 2. 配置黑名单防止内网访问
+not.trust.host = localhost,127.0.0.1,192.168.*,10.*,172.16.*
+
+# 3. 禁用文件上传（生产环境）
+file.upload.disable = true
+
+# 4. 配置基础URL（使用反向代理时）
+base.url = https://preview.yourdomain.com
+```
+
+### ❌ 不推荐配置
+
+```properties
+# 危险：允许所有主机访问
+trust.host = *
+
+# 危险：启用文件上传（生产环境）
+file.upload.disable = false
+```
+
+## 🔍 配置验证
+
+### 测试白名单是否生效
+
+1. 配置白名单：
+```properties
+trust.host = kkview.cn
+```
+
+2. 尝试预览白名单内的文件：
+```
+http://localhost:8012/onlinePreview?url=https://kkview.cn/test.pdf
+✅ 应该可以正常预览
+```
+
+3. 尝试预览白名单外的文件：
+```
+http://localhost:8012/onlinePreview?url=https://other-domain.com/test.pdf
+❌ 应该被拒绝，显示"不信任的文件源"
+```
+
+### 测试黑名单是否生效
+
+1. 配置黑名单：
+```properties
+not.trust.host = localhost,127.0.0.1
+```
+
+2. 尝试访问本地文件：
+```
+http://localhost:8012/getCorsFile?urlPath=http://127.0.0.1:8080/admin
+❌ 应该被拒绝
+```
+
+## 📋 常见问题
+
+### Q1: 升级后无法预览文件了？
+
+**原因**：新版本默认拒绝未配置的主机。
+
+**解决**：在配置文件中添加信任主机列表：
+```properties
+trust.host = your-file-server.com
+```
+
+### Q2: 如何临时恢复旧版本行为？
+
+**不推荐**，但如果确实需要：
+```properties
+trust.host = *
+```
+
+### Q3: 配置了白名单但还是无法访问？
+
+检查以下几点：
+1. 域名是否完全匹配（区分大小写）
+2. 是否配置了黑名单，黑名单优先级更高
+3. 查看日志中的 WARNING 信息
+4. 确认环境变量是否正确设置
+
+### Q4: 如何允许子域名？
+
+已支持通配符域名匹配，可使用 `*.example.com`：
+```properties
+trust.host = *.example.com
+```
+
+说明：
+- `*.example.com` 会匹配 `cdn.example.com`、`api.internal.example.com`，但不匹配根域 `example.com`
+- 对于 IP 风格通配（如 `192.168.*`、`10.*`），仅匹配字面量 IPv4 地址，不匹配域名
+
+## 🚨 安全事件响应
+
+如果发现可疑的预览请求：
+
+1. 检查日志文件，搜索 "拒绝访问主机" 关键字
+2. 确认 `trust.host` 配置是否合理
+3. 检查是否有异常的网络请求
+4. 如发现攻击行为，及时更新黑名单配置
+
+## 📞 获取帮助
+
+- GitHub Issues: https://github.com/kekingcn/kkFileView/issues
+- Gitee Issues: https://gitee.com/kekingcn/file-online-preview/issues
+
+---
+
+**安全提示**：定期检查和更新信任主机列表，遵循最小权限原则。

docker/kkfileview-base/Dockerfile

@@ -5,7 +5,7 @@ RUN sed -i 's@//.*archive.ubuntu.com@//mirrors.aliyun.com@g' /etc/apt/sources.li
     sed -i 's@//ports.ubuntu.com@//mirrors.aliyun.com@g' /etc/apt/sources.list.d/ubuntu.sources &&\
 	apt-get update &&\
     export DEBIAN_FRONTEND=noninteractive &&\
-	apt-get install -y --no-install-recommends openjdk-8-jre tzdata locales xfonts-utils fontconfig libreoffice-nogui &&\
+	apt-get install -y --no-install-recommends openjdk-21-jre tzdata locales xfonts-utils fontconfig libreoffice-nogui &&\
     echo 'Asia/Shanghai' > /etc/timezone &&\
     ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime &&\
     localedef -i zh_CN -c -f UTF-8 -A /usr/share/locale/locale.alias zh_CN.UTF-8 &&\

pom.xml

@@ -9,14 +9,14 @@
     <version>4.4.0</version>
 
     <properties>
-        <java.version>1.8</java.version>
+        <java.version>21</java.version>
         <jodconverter.version>4.4.6</jodconverter.version>
-        <spring.boot.version>2.4.2</spring.boot.version>
+        <spring.boot.version>3.5.6</spring.boot.version>
         <poi.version>5.2.2</poi.version>
         <xdocreport.version>1.0.6</xdocreport.version>
         <xstream.version>1.4.20</xstream.version>
         <junrar.version>7.5.5</junrar.version>
-        <redisson.version>3.2.0</redisson.version>
+        <redisson.version>3.22.0</redisson.version>
         <sevenzipjbinding.version>16.02-2.01</sevenzipjbinding.version>
         <jchardet.version>1.0</jchardet.version>
         <antlr.version>2.7.7</antlr.version>
@@ -43,6 +43,7 @@
 
 
         <maven.compiler.source>${java.version}</maven.compiler.source>
+        <maven.compiler.release>${java.version}</maven.compiler.release>
         <maven.compiler.target>${java.version}</maven.compiler.target>
 
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

server/pom.xml

@@ -44,21 +44,16 @@
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
-            <exclusions>
-                <exclusion>
-                    <groupId>org.springframework.boot</groupId>
-                    <artifactId>spring-boot-starter-tomcat</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-jetty</artifactId>
         </dependency>
+
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-freemarker</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-actuator</artifactId>
+        </dependency>
         <!-- web end -->
 
         <!-- poi start -->
@@ -100,9 +95,8 @@
         </dependency>
         <!-- poi start -->
         <dependency>
-            <groupId>org.apache.httpcomponents</groupId>
-            <artifactId>httpclient</artifactId>
-             <version>${httpcomponents.version}</version>
+            <groupId>org.apache.httpcomponents.client5</groupId>
+            <artifactId>httpclient5</artifactId>
         </dependency>
 
         <!-- 对 rar5 的支持 和其他众多压缩支持 可参考 package net.sf.sevenzipjbinding.ArchiveFormat; -->
@@ -182,6 +176,12 @@
             <groupId>org.apache.pdfbox</groupId>
             <artifactId>pdfbox</artifactId>
             <version>${pdfbox.version}</version>
+            <exclusions>
+                <exclusion>
+                    <artifactId>commons-logging</artifactId>
+                    <groupId>commons-logging</groupId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>org.apache.pdfbox</groupId>
@@ -327,6 +327,14 @@
             </resource>
         </resources>
         <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>3.11.0</version>
+                <configuration>
+                    <parameters>true</parameters>
+                </configuration>
+            </plugin>
             <plugin>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>

server/src/main/config/application.properties

@@ -22,6 +22,14 @@ spring.freemarker.expose-request-attributes = true
 spring.freemarker.expose-session-attributes = true
 spring.freemarker.request-context-attribute = request
 spring.freemarker.suffix = .ftl
+# Spring Boot Actuator 健康检查配置
+# 开启健康检查端点
+management.endpoints.web.exposure.include=health,info,metrics
+# 显示详细的健康检查信息（生产环境建议设置为when-authorized）
+management.endpoint.health.show-details=always
+# 启用健康检查组件
+management.health.defaults.enabled=true
+
 
 # office设置
 #openoffice或LibreOffice  home路径
@@ -78,11 +86,25 @@ cache.clean.cron = ${KK_CACHE_CLEAN_CRON:0 0 3 * * ?}
 #提供预览服务的地址，默认从请求url读，如果使用nginx等反向代理，需要手动设置
 #base.url = https://file.keking.cn
 base.url = ${KK_BASE_URL:default}
-#信任站点，多个用','隔开，设置了之后，会限制只能预览来自信任站点列表的文件，默认不限制
-#trust.host = kkview.cn
+
+# ========== 安全配置（重要）==========
+# 信任站点白名单配置，多个用','隔开
+# ⚠️ 安全提示：为防止SSRF攻击，强烈建议配置信任主机白名单
+# ⚠️ 如果不配置，系统将默认拒绝所有外部文件预览请求
+#
+# 配置示例：
+# trust.host = kkview.cn,yourdomain.com,cdn.example.com
+#
+# 如果需要允许所有域名（不推荐，仅用于测试环境），请设置为：
+# trust.host = *
+#
+# 当前配置：
 trust.host = ${KK_TRUST_HOST:default}
-#不信任站点，多个用','隔开，设置了之后，会限制来自不信任站点列表的文件，默认不限制
-#not.trust.host = kkview.cn
+
+# 不信任站点黑名单配置，多个用','隔开
+# 黑名单优先级高于白名单，设置后将禁止预览来自这些站点的文件
+# 建议配置：禁止访问内网地址和本地地址
+# not.trust.host = localhost,127.0.0.1,0.0.0.0,192.168.*,10.*,172.16.*
 not.trust.host= ${KK_NOT_TRUST_HOST:default}
 #文本类型，默认如下，可自定义添加
 simText = ${KK_SIMTEXT:txt,html,htm,asp,jsp,xml,json,properties,md,gitignore,log,java,py,c,cpp,sql,sh,bat,m,bas,prg,cmd}
@@ -159,10 +181,9 @@ watermark.height = ${WATERMARK_HEIGHT:80}
 #水印倾斜度数，要求设置在大于等于0，小于90
 watermark.angle = ${WATERMARK_ANGLE:10}
 
-
 #首页功能设置
 #是否禁用首页文件上传
-file.upload.disable = ${KK_FILE_UPLOAD_DISABLE:false}
+file.upload.disable = ${KK_FILE_UPLOAD_DISABLE:true}
 # 备案信息，默认为空
 beian = ${KK_BEIAN:default}
 #禁止上传类型

server/src/main/java/cn/keking/config/ConfigConstants.java

@@ -308,7 +308,8 @@ public class ConfigConstants {
         if (DEFAULT_VALUE.equalsIgnoreCase(trustHost)) {
             return new CopyOnWriteArraySet<>();
         } else {
-            String[] trustHostArray = trustHost.toLowerCase().split(",");
+            // 去除空格并转小写
+            String[] trustHostArray = trustHost.toLowerCase().replaceAll("\\s+", "").split(",");
             return new CopyOnWriteArraySet<>(Arrays.asList(trustHostArray));
         }
     }
@@ -426,7 +427,7 @@ public class ConfigConstants {
         return fileUploadDisable;
     }
 
-    @Value("${file.upload.disable:false}")
+    @Value("${file.upload.disable:true}")
     public void setFileUploadDisable(Boolean fileUploadDisable) {
         setFileUploadDisableValue(fileUploadDisable);
     }

server/src/main/java/cn/keking/config/ConfigRefreshComponent.java

@@ -5,7 +5,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Component;
 
-import javax.annotation.PostConstruct;
+import jakarta.annotation.PostConstruct;
 import java.io.BufferedReader;
 import java.io.FileReader;
 import java.io.IOException;

server/src/main/java/cn/keking/config/RedissonConfig.java

@@ -50,26 +50,21 @@ public class RedissonConfig {
                 .setConnectionMinimumIdleSize(connectionMinimumIdleSize)
                 .setConnectionPoolSize(connectionPoolSize)
                 .setDatabase(database)
-                .setDnsMonitoring(dnsMonitoring)
                 .setDnsMonitoringInterval(dnsMonitoringInterval)
                 .setSubscriptionConnectionMinimumIdleSize(subscriptionConnectionMinimumIdleSize)
                 .setSubscriptionConnectionPoolSize(subscriptionConnectionPoolSize)
                 .setSubscriptionsPerConnection(subscriptionsPerConnection)
                 .setClientName(clientName)
-                .setFailedAttempts(failedAttempts)
                 .setRetryAttempts(retryAttempts)
                 .setRetryInterval(retryInterval)
-                .setReconnectionTimeout(reconnectionTimeout)
                 .setTimeout(timeout)
                 .setConnectTimeout(connectTimeout)
                 .setIdleConnectionTimeout(idleConnectionTimeout)
-                .setPingTimeout(pingTimeout)
                 .setPassword(StringUtils.trimToNull(password));
         Codec codec=(Codec) ClassUtils.forName(getCodec(), ClassUtils.getDefaultClassLoader()).newInstance();
         config.setCodec(codec);
         config.setThreads(thread);
         config.setEventLoopGroup(new NioEventLoopGroup());
-        config.setUseLinuxNativeEpoll(false);
         return config;
     }
 

server/src/main/java/cn/keking/model/FileType.java

@@ -22,6 +22,7 @@ public enum FileType {
     MEDIACONVERT("mediaFilePreviewImpl"),
     MARKDOWN("markdownFilePreviewImpl"),
     XML("xmlFilePreviewImpl"),
+    JSON("jsonFilePreviewImpl"),
     CAD("cadFilePreviewImpl"),
     TIFF("tiffFilePreviewImpl"),
     OFD("ofdFilePreviewImpl"),
@@ -44,12 +45,13 @@ public enum FileType {
     private static final String[] DCM_TYPES = {"dcm"};
     private static final String[] DRAWIO_TYPES = {"drawio"};
     private static final String[] XML_TYPES = {"xml","xbrl"};
+    private static final String[] JSON_TYPES = {"json"};
     private static final String[] TIFF_TYPES = {"tif", "tiff"};
     private static final String[] OFD_TYPES = {"ofd"};
     private static final String[] SVG_TYPES = {"svg"};
     private static final String[] CAD_TYPES = {"dwg", "dxf", "dwf", "iges", "igs", "dwt", "dng", "ifc", "dwfx", "stl", "cf2", "plt"};
     private static final String[] SSIM_TEXT_TYPES = ConfigConstants.getSimText();
-    private static final String[] CODES = {"java", "c", "php", "go", "python", "py", "js", "html", "ftl", "css", "lua", "sh", "rb", "yaml", "yml", "json", "h", "cpp", "cs", "aspx", "jsp", "sql"};
+    private static final String[] CODES = {"java", "c", "php", "go", "python", "py", "js", "html", "ftl", "css", "lua", "sh", "rb", "yaml", "yml", "h", "cpp", "cs", "aspx", "jsp", "sql"};
     private static final String[] MEDIA_TYPES = ConfigConstants.getMedia();
     public static final String[] MEDIA_CONVERT_TYPES = ConfigConstants.getConvertMedias();
     private static final Map<String, FileType> FILE_TYPE_MAPPER = new HashMap<>();
@@ -109,6 +111,9 @@ public enum FileType {
         for (String xml : XML_TYPES) {
             FILE_TYPE_MAPPER.put(xml, FileType.XML);
         }
+        for (String json : JSON_TYPES) {
+            FILE_TYPE_MAPPER.put(json, FileType.JSON);
+        }
         FILE_TYPE_MAPPER.put("md", FileType.MARKDOWN);
         FILE_TYPE_MAPPER.put("pdf", FileType.PDF);
         FILE_TYPE_MAPPER.put("bpmn", FileType.BPMN);

server/src/main/java/cn/keking/service/FileConvertQueueTask.java

@@ -8,7 +8,7 @@ import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Service;
 import org.springframework.ui.ExtendedModelMap;
 
-import javax.annotation.PostConstruct;
+import jakarta.annotation.PostConstruct;
 import java.util.concurrent.TimeUnit;
 
 /**
@@ -73,7 +73,7 @@ public class FileConvertQueueTask {
                         TimeUnit.SECONDS.sleep(10);
                     } catch (Exception ex) {
                         Thread.currentThread().interrupt();
-                        ex.printStackTrace();
+                        logger.error("Failed to sleep after exception", ex);
                     }
                     logger.info("处理预览转换任务异常，url：{}", url, e);
                 }

server/src/main/java/cn/keking/service/FileHandlerService.java

@@ -31,7 +31,7 @@ import org.springframework.util.CollectionUtils;
 import org.springframework.util.ObjectUtils;
 import org.springframework.util.StringUtils;
 
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
 import java.awt.image.BufferedImage;
 import java.io.*;
 import java.net.URLDecoder;
@@ -178,13 +178,13 @@ public class FileHandlerService implements InitializingBean {
             sb.append("<script src=\"excel/excel.header.js\" type=\"text/javascript\"></script>");
             sb.append("<link rel=\"stylesheet\" href=\"excel/excel.css\">");
         } catch (IOException e) {
-            e.printStackTrace();
+            logger.error("Failed to read file: {}", outFilePath, e);
         }
         // 重新写入文件
         try (FileOutputStream fos = new FileOutputStream(outFilePath); BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(fos, StandardCharsets.UTF_8))) {
             writer.write(sb.toString());
         } catch (IOException e) {
-            e.printStackTrace();
+            logger.error("Failed to write file: {}", outFilePath, e);
         }
     }
 
@@ -477,14 +477,14 @@ public class FileHandlerService implements InitializingBean {
                 originFileName = URLDecoder.decode(originFileName, uriEncoding);  //转义的文件名 解下出原始文件名
                 attribute.setSkipDownLoad(true);
             } catch (UnsupportedEncodingException e) {
-                e.printStackTrace();
+                logger.error("Failed to decode file name: {}", originFileName, e);
             }
         }
         if (UrlEncoderUtils.hasUrlEncoded(originFileName)) {  //判断文件名是否转义
             try {
                 originFileName = URLDecoder.decode(originFileName, uriEncoding);  //转义的文件名 解下出原始文件名
             } catch (UnsupportedEncodingException e) {
-                e.printStackTrace();
+                logger.error("Failed to decode file name: {}", originFileName, e);
             }
         }else {
             url = WebUtils.encodeUrlFileName(url); //对未转义的url进行转义

server/src/main/java/cn/keking/service/FilePreview.java

@@ -26,6 +26,7 @@ public interface FilePreview {
     String CODE_FILE_PREVIEW_PAGE = "code";
     String EXEL_FILE_PREVIEW_PAGE = "html";
     String XML_FILE_PREVIEW_PAGE = "xml";
+    String JSON_FILE_PREVIEW_PAGE = "json";
     String MARKDOWN_FILE_PREVIEW_PAGE = "markdown";
     String BPMN_FILE_PREVIEW_PAGE = "bpmn";
     String DCM_FILE_PREVIEW_PAGE = "dcm";

server/src/main/java/cn/keking/service/OfficePluginManager.java

@@ -15,8 +15,8 @@ import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
 import org.springframework.stereotype.Component;
 
-import javax.annotation.PostConstruct;
-import javax.annotation.PreDestroy;
+import jakarta.annotation.PostConstruct;
+import jakarta.annotation.PreDestroy;
 import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.IOException;

server/src/main/java/cn/keking/service/cache/impl/CacheServiceJDKImpl.java

@@ -7,7 +7,7 @@ import org.apache.commons.lang3.StringUtils;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
 import org.springframework.stereotype.Service;
 
-import javax.annotation.PostConstruct;
+import jakarta.annotation.PostConstruct;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;

server/src/main/java/cn/keking/service/impl/CadFilePreviewImpl.java

@@ -9,6 +9,8 @@ import cn.keking.utils.DownloadUtils;
 import cn.keking.utils.KkFileUtils;
 import cn.keking.utils.WebUtils;
 import cn.keking.web.filter.BaseUrlFilter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Service;
 import org.springframework.ui.Model;
 import org.springframework.util.StringUtils;
@@ -22,6 +24,7 @@ import static cn.keking.service.impl.OfficeFilePreviewImpl.getPreviewType;
 @Service
 public class CadFilePreviewImpl implements FilePreview {
 
+    private static final Logger logger = LoggerFactory.getLogger(CadFilePreviewImpl.class);
     private static final String OFFICE_PREVIEW_TYPE_IMAGE = "image";
     private static final String OFFICE_PREVIEW_TYPE_ALL_IMAGES = "allImages";
 
@@ -55,7 +58,7 @@ public class CadFilePreviewImpl implements FilePreview {
                 try {
                     imageUrls = fileHandlerService.cadToPdf(filePath, outFilePath, cadPreviewType, fileAttribute);
                 } catch (Exception e) {
-                    e.printStackTrace();
+                    logger.error("Failed to convert CAD file: {}", filePath, e);
                 }
                 if (imageUrls == null) {
                     return otherFilePreview.notSupportedFile(model, fileAttribute, "CAD转换异常，请联系管理员");

server/src/main/java/cn/keking/service/impl/JsonFilePreviewImpl.java

@@ -0,0 +1,95 @@
+package cn.keking.service.impl;
+
+import cn.keking.config.ConfigConstants;
+import cn.keking.model.FileAttribute;
+import cn.keking.model.ReturnResponse;
+import cn.keking.service.FileHandlerService;
+import cn.keking.service.FilePreview;
+import cn.keking.utils.DownloadUtils;
+import cn.keking.utils.KkFileUtils;
+import org.apache.commons.codec.binary.Base64;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Service;
+import org.springframework.ui.Model;
+import org.springframework.web.util.HtmlUtils;
+
+import java.io.*;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+
+
+/**
+ * @author kl (http://kailing.pub)
+ * @since 2025/01/11
+ * JSON 文件预览处理实现
+ */
+@Service
+public class JsonFilePreviewImpl implements FilePreview {
+
+    private static final Logger LOGGER = LoggerFactory.getLogger(JsonFilePreviewImpl.class);
+
+    private final FileHandlerService fileHandlerService;
+    private final OtherFilePreviewImpl otherFilePreview;
+
+    public JsonFilePreviewImpl(FileHandlerService fileHandlerService, OtherFilePreviewImpl otherFilePreview) {
+        this.fileHandlerService = fileHandlerService;
+        this.otherFilePreview = otherFilePreview;
+    }
+
+    @Override
+    public String filePreviewHandle(String url, Model model, FileAttribute fileAttribute) {
+        String fileName = fileAttribute.getName();
+        boolean forceUpdatedCache = fileAttribute.forceUpdatedCache();
+        String filePath = fileAttribute.getOriginFilePath();
+
+        if (forceUpdatedCache || !fileHandlerService.listConvertedFiles().containsKey(fileName) || !ConfigConstants.isCacheEnabled()) {
+            ReturnResponse<String> response = DownloadUtils.downLoad(fileAttribute, fileName);
+            if (response.isFailure()) {
+                return otherFilePreview.notSupportedFile(model, fileAttribute, response.getMsg());
+            }
+            filePath = response.getContent();
+            if (ConfigConstants.isCacheEnabled()) {
+                fileHandlerService.addConvertedFile(fileName, filePath);
+            }
+            try {
+                String fileData = readJsonFile(filePath, fileName);
+                String escapedData = HtmlUtils.htmlEscape(fileData);
+                String base64Data = Base64.encodeBase64String(escapedData.getBytes(StandardCharsets.UTF_8));
+                model.addAttribute("textData", base64Data);
+            } catch (IOException e) {
+                return otherFilePreview.notSupportedFile(model, fileAttribute, e.getLocalizedMessage());
+            }
+            return JSON_FILE_PREVIEW_PAGE;
+        }
+
+        String fileData = null;
+        try {
+            fileData = HtmlUtils.htmlEscape(readJsonFile(filePath, fileName));
+        } catch (IOException e) {
+            LOGGER.error("读取JSON文件失败: {}", filePath, e);
+        }
+        String base64Data = Base64.encodeBase64String(fileData.getBytes(StandardCharsets.UTF_8));
+        model.addAttribute("textData", base64Data);
+        return JSON_FILE_PREVIEW_PAGE;
+    }
+
+    /**
+     * 读取 JSON 文件，强制使用 UTF-8 编码
+     * JSON 标准规定必须使用 UTF-8 编码
+     */
+    private String readJsonFile(String filePath, String fileName) throws IOException {
+        File file = new File(filePath);
+        if (KkFileUtils.isIllegalFileName(fileName)) {
+            return null;
+        }
+        if (!file.exists() || file.length() == 0) {
+            return "";
+        }
+
+        // JSON 标准规定使用 UTF-8 编码，不依赖自动检测
+        byte[] bytes = Files.readAllBytes(Paths.get(filePath));
+        return new String(bytes, StandardCharsets.UTF_8);
+    }
+}

server/src/main/java/cn/keking/service/impl/MediaFilePreviewImpl.java

@@ -11,6 +11,8 @@ import org.bytedeco.ffmpeg.global.avcodec;
 import org.bytedeco.javacv.FFmpegFrameGrabber;
 import org.bytedeco.javacv.FFmpegFrameRecorder;
 import org.bytedeco.javacv.Frame;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Service;
 import org.springframework.ui.Model;
 import org.springframework.util.ObjectUtils;
@@ -26,6 +28,7 @@ import java.io.File;
 @Service
 public class MediaFilePreviewImpl implements FilePreview {
 
+    private static final Logger logger = LoggerFactory.getLogger(MediaFilePreviewImpl.class);
     private final FileHandlerService fileHandlerService;
     private final OtherFilePreviewImpl otherFilePreview;
     private static final String mp4 = "mp4";
@@ -66,7 +69,7 @@ public class MediaFilePreviewImpl implements FilePreview {
                         convertedUrl = outFilePath;  //其他协议的  不需要转换方式的文件 直接输出
                     }
                 } catch (Exception e) {
-                    e.printStackTrace();
+                    logger.error("Failed to convert media file: {}", filePath, e);
                 }
                 if (convertedUrl == null) {
                     return otherFilePreview.notSupportedFile(model, fileAttribute, "视频转换异常，请联系管理员");
@@ -148,7 +151,7 @@ public class MediaFilePreviewImpl implements FilePreview {
                 recorder.record(captured_frame);
             }
         } catch (Exception e) {
-            e.printStackTrace();
+            logger.error("Failed to convert video file to mp4: {}", filePath, e);
             return null;
         } finally {
             if (recorder != null) {   //关闭

server/src/main/java/cn/keking/service/impl/SimTextFilePreviewImpl.java

@@ -9,11 +9,17 @@ import cn.keking.utils.DownloadUtils;
 import cn.keking.utils.EncodingDetects;
 import cn.keking.utils.KkFileUtils;
 import org.apache.commons.codec.binary.Base64;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Service;
 import org.springframework.ui.Model;
 import org.springframework.web.util.HtmlUtils;
 
-import java.io.*;
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStreamReader;
 import java.nio.charset.StandardCharsets;
 
 /**
@@ -23,10 +29,12 @@ import java.nio.charset.StandardCharsets;
 @Service
 public class SimTextFilePreviewImpl implements FilePreview {
 
+    private static final Logger LOGGER = LoggerFactory.getLogger(SimTextFilePreviewImpl.class);
+
     private final FileHandlerService fileHandlerService;
     private final OtherFilePreviewImpl otherFilePreview;
 
-    public SimTextFilePreviewImpl(FileHandlerService fileHandlerService,OtherFilePreviewImpl otherFilePreview) {
+    public SimTextFilePreviewImpl(FileHandlerService fileHandlerService, OtherFilePreviewImpl otherFilePreview) {
         this.fileHandlerService = fileHandlerService;
         this.otherFilePreview = otherFilePreview;
     }
@@ -47,7 +55,7 @@ public class SimTextFilePreviewImpl implements FilePreview {
             }
             try {
                 String  fileData = HtmlUtils.htmlEscape(textData(filePath,fileName));
-                model.addAttribute("textData", Base64.encodeBase64String(fileData.getBytes()));
+                model.addAttribute("textData", Base64.encodeBase64String(fileData.getBytes(StandardCharsets.UTF_8)));
             } catch (IOException e) {
                 return otherFilePreview.notSupportedFile(model, fileAttribute, e.getLocalizedMessage());
             }
@@ -57,9 +65,9 @@ public class SimTextFilePreviewImpl implements FilePreview {
         try {
             fileData = HtmlUtils.htmlEscape(textData(filePath,fileName));
         } catch (IOException e) {
-            e.printStackTrace();
+            LOGGER.error("读取文本文件失败: {}", filePath, e);
         }
-        model.addAttribute("textData", Base64.encodeBase64String(fileData.getBytes()));
+        model.addAttribute("textData", Base64.encodeBase64String(fileData.getBytes(StandardCharsets.UTF_8)));
         return TXT_FILE_PREVIEW_PAGE;
     }
 

server/src/main/java/cn/keking/utils/DownloadUtils.java

@@ -6,9 +6,9 @@ import cn.keking.model.ReturnResponse;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import io.mola.galimatias.GalimatiasParseException;
 import org.apache.commons.io.FileUtils;
-import org.apache.http.client.HttpClient;
-import org.apache.http.impl.client.DefaultRedirectStrategy;
-import org.apache.http.impl.client.HttpClientBuilder;
+import org.apache.hc.client5.http.classic.HttpClient;
+import org.apache.hc.client5.http.impl.DefaultRedirectStrategy;
+import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.HttpMethod;

server/src/main/java/cn/keking/utils/OfficeUtils.java

@@ -4,6 +4,8 @@ import org.apache.commons.lang3.exception.ExceptionUtils;
 import org.apache.poi.EncryptedDocumentException;
 import org.apache.poi.extractor.ExtractorFactory;
 import org.apache.poi.hssf.record.crypto.Biff8EncryptionKey;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.io.IOException;
 import java.io.InputStream;
@@ -18,6 +20,7 @@ import java.nio.file.Paths;
  */
 public class OfficeUtils {
 
+    private static final Logger logger = LoggerFactory.getLogger(OfficeUtils.class);
     private static final String POI_INVALID_PASSWORD_MSG = "password";
 
     /**
@@ -49,7 +52,7 @@ public class OfficeUtils {
                 try {
                     propStream.close();//关闭文件输入流
                 } catch (IOException e) {
-                    e.printStackTrace();
+                    logger.error("Failed to close input stream for file: {}", path, e);
                 }
             }
         }
@@ -76,7 +79,7 @@ public class OfficeUtils {
                 try {
                     propStream.close();//关闭文件输入流
                 } catch (IOException e) {
-                    e.printStackTrace();
+                    logger.error("Failed to close input stream for file: {}", path, e);
                 }
             }
         }