Skip to content

Commit

Permalink
Update neko-html
Browse files Browse the repository at this point in the history
  • Loading branch information
@spassarop @nahsra
spassarop authored and nahsra committed Oct 6, 2023
1 parent 00a224b commit 7fdb6c1
Show file tree
Hide file tree
Showing 2 changed files with 52 additions and 51 deletions.
2 changes: 1 addition & 1 deletion pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@
<dependency>
<groupId>org.htmlunit</groupId>
<artifactId>neko-htmlunit</artifactId>
<version>3.4.0</version>
<version>3.5.0</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents.client5</groupId>
Expand Down
101 changes: 51 additions & 50 deletions src/main/java/org/owasp/validator/html/scan/MagicSAXFilter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,6 @@
import java.util.regex.Pattern;
import org.htmlunit.cyberneko.filters.DefaultFilter;
import org.htmlunit.cyberneko.xerces.util.XMLAttributesImpl;
import org.htmlunit.cyberneko.xerces.util.XMLStringBuffer;
import org.htmlunit.cyberneko.xerces.xni.Augmentations;
import org.htmlunit.cyberneko.xerces.xni.QName;
import org.htmlunit.cyberneko.xerces.xni.XMLAttributes;
Expand Down Expand Up @@ -108,7 +107,7 @@ public void characters(XMLString text, Augmentations augs) throws XNIException {
} else if (topOp == Ops.CSS) {
// we record the style element's text content
// to filter it later
cssContent.append(text.ch, text.offset, text.length);
cssContent.append(text.toString());
} else {
// pass through all character content.
if (inCdata) {
Expand All @@ -120,7 +119,7 @@ public void characters(XMLString text, Augmentations augs) throws XNIException {
}

private static final Pattern conditionalDirectives =
Pattern.compile("<?!?\\[\\s*(?:end)?if[^]]*\\]>?");
Pattern.compile("<?!?\\[\\s*(?:end)?if[^]]*\\]>?");

public void comment(XMLString text, Augmentations augs) throws XNIException {

Expand All @@ -136,12 +135,12 @@ public void comment(XMLString text, Augmentations augs) throws XNIException {
}

public void doctypeDecl(String root, String publicId, String systemId, Augmentations augs)
throws XNIException {
throws XNIException {
// user supplied doctypes are ignored
}

public void emptyElement(QName element, XMLAttributes attributes, Augmentations augs)
throws XNIException {
throws XNIException {
this.startElement(element, attributes, augs);
this.endElement(element, augs);
}
Expand All @@ -150,8 +149,9 @@ private Ops peekTop() {
return operations.empty() ? null : operations.peek();
}

private XMLStringBuffer makeEndTag(String tagName) {
return new XMLStringBuffer("</" + tagName + ">");
private XMLString makeEndTag(String tagName) {
String endTag = "</" + tagName + ">";
return new XMLString(endTag.toCharArray(), 0, endTag.length());
}

public void endElement(QName element, Augmentations augs) throws XNIException {
Expand Down Expand Up @@ -193,16 +193,17 @@ public void endElement(QName element, Augmentations augs) throws XNIException {

super.startElement(element, cssAttributes, augs);
// send the cleaned content
super.characters(new XMLStringBuffer(results.getCleanHTML()), augs);
String cleanHtml = results.getCleanHTML();
super.characters(new XMLString(cleanHtml.toCharArray(), 0, cleanHtml.length()), augs);
// end the CSS element
super.endElement(element, augs);
}
} catch (ScanException e) {
// if the CSS is unscannable, we report the error, but skip the
// style element
addError(
ErrorMessageUtil.ERROR_CSS_TAG_MALFORMED,
new Object[] {HTMLEntityEncoder.htmlEntityEncode(cssContent.toString())});
ErrorMessageUtil.ERROR_CSS_TAG_MALFORMED,
new Object[] {HTMLEntityEncoder.htmlEntityEncode(cssContent.toString())});
} finally {
// reset the string buffer to allow fresh recording of next
// style tag
Expand All @@ -224,7 +225,7 @@ private CssScanner makeCssScanner() {
}

public void processingInstruction(String target, XMLString data, Augmentations augs)
throws XNIException {
throws XNIException {
// processing instructions are being removed
}

Expand All @@ -239,7 +240,7 @@ public void endCDATA(Augmentations augs) throws XNIException {
}

public void startElement(QName element, XMLAttributes attributes, Augmentations augs)
throws XNIException {
throws XNIException {
// see if we have a policy for this tag.
String tagNameLowerCase = element.localpart.toLowerCase();
Tag tag = policy.getTagByLowercaseName(tagNameLowerCase);
Expand Down Expand Up @@ -273,19 +274,19 @@ public void startElement(QName element, XMLAttributes attributes, Augmentations
// we also remove all child elements of a style element
this.operations.push(Ops.REMOVE);
} else if ((tag == null && policy.isEncodeUnknownTag())
|| (tag != null && tag.isAction(Policy.ACTION_ENCODE))) {
|| (tag != null && tag.isAction(Policy.ACTION_ENCODE))) {
String name = "<" + element.localpart + ">";
super.characters(new XMLString(name.toCharArray(), 0, name.length()), augs);
this.operations.push(Ops.ENCODE);
} else if (tag == null) {
addError(
ErrorMessageUtil.ERROR_TAG_NOT_IN_POLICY,
new Object[] {HTMLEntityEncoder.htmlEntityEncode(element.localpart)});
ErrorMessageUtil.ERROR_TAG_NOT_IN_POLICY,
new Object[] {HTMLEntityEncoder.htmlEntityEncode(element.localpart)});
this.operations.push(Ops.FILTER);
} else if (tag.isAction(Policy.ACTION_FILTER)) {
addError(
ErrorMessageUtil.ERROR_TAG_FILTERED,
new Object[] {HTMLEntityEncoder.htmlEntityEncode(element.localpart)});
ErrorMessageUtil.ERROR_TAG_FILTERED,
new Object[] {HTMLEntityEncoder.htmlEntityEncode(element.localpart)});
this.operations.push(Ops.FILTER);
} else if (tag.isAction("validate")) {

Expand Down Expand Up @@ -318,14 +319,14 @@ public void startElement(QName element, XMLAttributes attributes, Augmentations
errorMessages.addAll(cr.getErrorMessages());
} catch (ScanException e) {
addError(
ErrorMessageUtil.ERROR_CSS_ATTRIBUTE_MALFORMED,
new Object[] {element.localpart, HTMLEntityEncoder.htmlEntityEncode(value)});
ErrorMessageUtil.ERROR_CSS_ATTRIBUTE_MALFORMED,
new Object[] {element.localpart, HTMLEntityEncoder.htmlEntityEncode(value)});
}
} else if (attribute != null) {
// validate the values against the policy
boolean isValid = false;
if (attribute.containsAllowedValue(value.toLowerCase())
|| attribute.matchesAllowedExpression(value)) {
|| attribute.matchesAllowedExpression(value)) {
int attrIndex;
if ((attrIndex = validattributes.getIndex(name)) > 0) {
// If attribute is repeated, use last value.
Expand All @@ -341,46 +342,46 @@ public void startElement(QName element, XMLAttributes attributes, Augmentations
if (!isValid && "removeTag".equals(attribute.getOnInvalid())) {

addError(
ErrorMessageUtil.ERROR_ATTRIBUTE_INVALID_REMOVED,
new Object[] {
tag.getName(),
HTMLEntityEncoder.htmlEntityEncode(name),
HTMLEntityEncoder.htmlEntityEncode(value)
});
ErrorMessageUtil.ERROR_ATTRIBUTE_INVALID_REMOVED,
new Object[] {
tag.getName(),
HTMLEntityEncoder.htmlEntityEncode(name),
HTMLEntityEncoder.htmlEntityEncode(value)
});

removeTag = true;

} else if (!isValid
&& ("filterTag".equals(attribute.getOnInvalid()) || masqueradingParam)) {
&& ("filterTag".equals(attribute.getOnInvalid()) || masqueradingParam)) {

addError(
ErrorMessageUtil.ERROR_ATTRIBUTE_CAUSE_FILTER,
new Object[] {
tag.getName(),
HTMLEntityEncoder.htmlEntityEncode(name),
HTMLEntityEncoder.htmlEntityEncode(value)
});
ErrorMessageUtil.ERROR_ATTRIBUTE_CAUSE_FILTER,
new Object[] {
tag.getName(),
HTMLEntityEncoder.htmlEntityEncode(name),
HTMLEntityEncoder.htmlEntityEncode(value)
});

filterTag = true;

} else if (!isValid) {
addError(
ErrorMessageUtil.ERROR_ATTRIBUTE_INVALID,
new Object[] {
tag.getName(),
HTMLEntityEncoder.htmlEntityEncode(name),
HTMLEntityEncoder.htmlEntityEncode(value)
});
ErrorMessageUtil.ERROR_ATTRIBUTE_INVALID,
new Object[] {
tag.getName(),
HTMLEntityEncoder.htmlEntityEncode(name),
HTMLEntityEncoder.htmlEntityEncode(value)
});
}

} else { // attribute == null
addError(
ErrorMessageUtil.ERROR_ATTRIBUTE_NOT_IN_POLICY,
new Object[] {
element.localpart,
HTMLEntityEncoder.htmlEntityEncode(name),
HTMLEntityEncoder.htmlEntityEncode(value)
});
ErrorMessageUtil.ERROR_ATTRIBUTE_NOT_IN_POLICY,
new Object[] {
element.localpart,
HTMLEntityEncoder.htmlEntityEncode(name),
HTMLEntityEncoder.htmlEntityEncode(value)
});

if (masqueradingParam) {
filterTag = true;
Expand Down Expand Up @@ -413,14 +414,14 @@ public void startElement(QName element, XMLAttributes attributes, Augmentations
if (currentRelValue != null) {
Attribute attribute = tag.getAttributeByName("rel");
if (attribute != null
&& !(attribute.containsAllowedValue(currentRelValue)
&& !(attribute.containsAllowedValue(currentRelValue)
|| attribute.matchesAllowedExpression(currentRelValue))) {
currentRelValue = "";
}
}
String relValue =
Attribute.mergeRelValuesInAnchor(
addNofollow, addNoopenerAndNoreferrer, currentRelValue);
Attribute.mergeRelValuesInAnchor(
addNofollow, addNoopenerAndNoreferrer, currentRelValue);
if (!relValue.isEmpty()) {
int relIndex;
if ((relIndex = validattributes.getIndex("rel")) > 0) {
Expand All @@ -445,8 +446,8 @@ public void startElement(QName element, XMLAttributes attributes, Augmentations
} else {
// no options left, so the tag will be removed
addError(
ErrorMessageUtil.ERROR_TAG_DISALLOWED,
new Object[] {HTMLEntityEncoder.htmlEntityEncode(element.localpart)});
ErrorMessageUtil.ERROR_TAG_DISALLOWED,
new Object[] {HTMLEntityEncoder.htmlEntityEncode(element.localpart)});
this.operations.push(Ops.REMOVE);
}
// now we know exactly what to do, let's do it
Expand Down

0 comments on commit 7fdb6c1

Please sign in to comment.