
Performance improvements of output parser, a few test cases added

This commit is contained in:
SecretR
2013-03-01 17:24:33 +02:00
parent 9c1d799bf9
commit 757b52fb09


@@ -2462,9 +2462,9 @@ class e_parser extends e_parse
// $tag = strval(basename($path)); // $tag = strval(basename($path));
$tag = preg_replace('/([a-z0-9\[\]\/]*)?\/([\w]*)(\[(\d)*\])?$/i', "$2", $path); $tag = preg_replace('/([a-z0-9\[\]\/]*)?\/([\w]*)(\[(\d)*\])?$/i', "$2", $path);
if(!in_array($tag, $this->allowedTags)) $allowed = in_array($tag, $this->allowedTags);
if(!$allowed)
{ {
if(strpos($path,'/code/') !== false || strpos($path,'/pre/') !== false) // treat as html. if(strpos($path,'/code/') !== false || strpos($path,'/pre/') !== false) // treat as html.
{ {
$this->pathList[] = $path; $this->pathList[] = $path;
@@ -2474,29 +2474,28 @@ class e_parser extends e_parse
$this->removedList['tags'][] = $tag; $this->removedList['tags'][] = $tag;
$this->nodesToDelete[] = $node; $this->nodesToDelete[] = $node;
continue;
} }
foreach ($node->attributes as $attr) foreach ($node->attributes as $attr)
{ {
$name = $attr->nodeName; $name = $attr->nodeName;
$value = $attr->nodeValue; // Check value against blacklist. $value = $attr->nodeValue; // Check value against whitelist.
if(!in_array($name, $this->allowedAttributes) ) if(!in_array($name, $this->allowedAttributes) )
{ {
$node->removeAttribute($name); $node->removeAttribute($name);
$this->removedList['attributes'][] = $name; $this->removedList['attributes'][] = $tag.'['.$name.']';
} }
else
if($this->inValidAttributeVal($value)) {
{ if($this->inValidAttributeVal($value))
$node->setAttribute($name, '#---sanitized---#'); {
} $node->removeAttribute($name);
} $node->setAttribute($name, '#---sanitized---#');
$this->removedList['sanitized'][] = $tag.'['.$name.']';
}
foreach($removeAttributes as $att) }
{
$node->removeAttribute($att);
} }
} }
@@ -2530,8 +2529,9 @@ class e_parser extends e_parse
*/ */
function invalidAttributeVal($val) function invalidAttributeVal($val)
{ {
// FIXME default (strict) match and filters for certain attributes (e.g. src, href, etc)
$invalid = array("javascript:","alert(","vbscript:","data:text/html", "mhtml:", "data:image"); $invalid = array("javascript:","alert(","vbscript:","data:text/html", "mhtml:", "data:image");
foreach($invalid as $v) foreach($invalid as $v)
{ {
if(stripos($val,$v)!==false) //TODO More reliable check. if(stripos($val,$v)!==false) //TODO More reliable check.
@@ -2592,6 +2592,8 @@ Some example text<br />
<script>alert('something')</script> <script>alert('something')</script>
</code> </code>
<svg><![CDATA[><image xlink:href="]]><img src=xx:x onerror=alert(2)//"></svg>
<style><img src="</style><img src=x onerror=alert(1)//">
<x '="foo"><x foo='><img src=x onerror=alert(1)//'> <!-- IE 6-9 --> <! '="foo"><x foo='><img src=x onerror=alert(2)//'> <? '="foo"><x foo='><img src=x onerror=alert(3)//'> <x '="foo"><x foo='><img src=x onerror=alert(1)//'> <!-- IE 6-9 --> <! '="foo"><x foo='><img src=x onerror=alert(2)//'> <? '="foo"><x foo='><img src=x onerror=alert(3)//'>
<embed src="javascript:alert(1)"></embed> // O10.10↓, OM10.0↓, GC6↓, FF <img src="javascript:alert(2)"> <image src="javascript:alert(2)"> // IE6, O10.10↓, OM10.0↓ <script src="javascript:alert(3)"></script> // IE6, O11.01↓, OM10.1↓ <embed src="javascript:alert(1)"></embed> // O10.10↓, OM10.0↓, GC6↓, FF <img src="javascript:alert(2)"> <image src="javascript:alert(2)"> // IE6, O10.10↓, OM10.0↓ <script src="javascript:alert(3)"></script> // IE6, O11.01↓, OM10.1↓
<div style=width:1px;filter:glow onfilterchange=alert(1)>x</div> <div style=width:1px;filter:glow onfilterchange=alert(1)>x</div>
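Review bot: The attribute loop in the second hunk calls `$node->removeAttribute($name)` (and, in the sanitized branch, `setAttribute`) while iterating `$node->attributes`, which is a live DOMNamedNodeMap in PHP's DOM; mutating it mid-iteration is a known way to skip the attribute that follows each removal, so a payload such as `<img foo=x onerror=alert(1)>` may keep its handler after `foo` is dropped. The old code's deferred `$removeAttributes` pass looked like a guard against exactly this and the commit removes it. Snapshotting the map before mutating it, `foreach (iterator_to_array($node->attributes) as $attr)`, restores safe removal with one changed line. Separately, `invalidAttributeVal` in the third hunk (its body continues past the hunk) is still the substring denylist its own FIXME flags — whitespace or control characters inside a scheme, e.g. `java\tscript:`, pass `stripos` untouched, so an allowlist of permitted schemes for `src`/`href`-style attributes would be the durable fix.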