JacksonBruce/AntiSamy.NET
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow all attribute values if there is no regex

Browse Source
This commit is contained in:
Caner Patır
2018-07-05 16:27:30 +03:00
parent 7069cb4af8
commit cac021caca
5 changed files with 2421 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/AntiSamy/AntiSamy.csproj
View File

@@ -4,13 +4,13 @@
<TargetFrameworks>netstandard2.0;net45;net46</TargetFrameworks> <TargetFrameworks>netstandard2.0;net45;net46</TargetFrameworks>
<GeneratePackageOnBuild>true</GeneratePackageOnBuild> <GeneratePackageOnBuild>true</GeneratePackageOnBuild>
<Authors>Caner Patır</Authors> <Authors>Caner Patır</Authors>
<Version>1.0.4</Version> <Version>1.0.5</Version>
<FileVersion>1.0.4.0</FileVersion> <FileVersion>1.0.5.0</FileVersion>
<RepositoryUrl>https://github.com/canerpatir/AntiSamy.NET</RepositoryUrl> <RepositoryUrl>https://github.com/canerpatir/AntiSamy.NET</RepositoryUrl>
<PackageIconUrl>https://raw.githubusercontent.com/canerpatir/AntiSamy.NET/master/icon.png</PackageIconUrl> <PackageIconUrl>https://raw.githubusercontent.com/canerpatir/AntiSamy.NET/master/icon.png</PackageIconUrl>
<PackageProjectUrl>https://github.com/canerpatir/AntiSamy.NET</PackageProjectUrl> <PackageProjectUrl>https://github.com/canerpatir/AntiSamy.NET</PackageProjectUrl>
<PackageLicenseUrl>https://github.com/canerpatir/AntiSamy.NET/blob/master/LICENCE</PackageLicenseUrl> <PackageLicenseUrl>https://github.com/canerpatir/AntiSamy.NET/blob/master/LICENCE</PackageLicenseUrl>
<AssemblyVersion>1.0.4.0</AssemblyVersion> <AssemblyVersion>1.0.5.0</AssemblyVersion>
<RepositoryType>git</RepositoryType> <RepositoryType>git</RepositoryType>
<Description>A .net standard library for performing configurable cleansing of HTML coming from untrusted sources.</Description> <Description>A .net standard library for performing configurable cleansing of HTML coming from untrusted sources.</Description>
<Copyright>Caner Patır</Copyright> <Copyright>Caner Patır</Copyright>

5
src/AntiSamy/AntiSamyDomScanner.cs
View File

@@ -150,6 +150,11 @@ namespace AntiSamy
} }
else else
{ {
if (!allowwdAttr.AllowedValues.Any() && !allowwdAttr.AllowedRegExps.Any())
{
continue;
}
var isAttributeValid = false; var isAttributeValid = false;
//try to find out how robust this is - do I need to do this in a loop? //try to find out how robust this is - do I need to do this in a loop?
value = HtmlEntity.DeEntitize(value); value = HtmlEntity.DeEntitize(value);

8
test/AntiSamy.Tests/AntiSamy.Tests.csproj
View File

@@ -6,6 +6,10 @@
<IsPackable>false</IsPackable> <IsPackable>false</IsPackable>
</PropertyGroup> </PropertyGroup>
<ItemGroup>
<None Remove="resources\antisamy-mysite.xml" />
</ItemGroup>
<ItemGroup> <ItemGroup>
<PackageReference Include="FluentAssertions" Version="5.3.0" /> <PackageReference Include="FluentAssertions" Version="5.3.0" />
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.6.0" /> <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.6.0" />
@@ -15,7 +19,9 @@
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<Folder Include="resources\" /> <Content Include="resources\antisamy-mysite.xml">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
</Content>
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>

16
test/AntiSamy.Tests/UseCaseTests.cs
View File

@@ -128,5 +128,21 @@ namespace AntiSamy.Tests
} }
[Fact]
public void allow_any_src_in_img_tag()
{
var scanner = new AntiSamy();
/*
* remove non-allowed hrefs
*/
var input = "Size Table: ;<p><img src=\"/Assets/ProductImages/chartlar/image.jpg\" width=\"456\" height=\"197\" alt=\"\" /></p> ; Lorem ipsum";
AntiySamyResult result = scanner.Scan(input, GetPolicy("antisamy-mysite.xml"));
result.CleanHtml.Should().Be(input);
}
} }
} }

2390
test/AntiSamy.Tests/resources/antisamy-mysite.xml Normal file
View File

File diff suppressed because it is too large Load Diff