fix: problem with not closed tag (#262)
committed by
GitHub
parent
c2419c4d14
commit
72844ddc6f
4
dist/xss.js
vendored
4
dist/xss.js
vendored
@@ -586,7 +586,7 @@ function parseTag(html, onTag, escapeHtml) {
|
|||||||
lastPos = currentPos;
|
lastPos = currentPos;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (c === ">") {
|
if (c === ">" || currentPos === len - 1) {
|
||||||
rethtml += escapeHtml(html.slice(lastPos, tagStart));
|
rethtml += escapeHtml(html.slice(lastPos, tagStart));
|
||||||
currentHtml = html.slice(tagStart, currentPos + 1);
|
currentHtml = html.slice(tagStart, currentPos + 1);
|
||||||
currentTagName = getTagName(currentHtml);
|
currentTagName = getTagName(currentHtml);
|
||||||
@@ -621,7 +621,7 @@ function parseTag(html, onTag, escapeHtml) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (lastPos < html.length) {
|
if (lastPos < len) {
|
||||||
rethtml += escapeHtml(html.substr(lastPos));
|
rethtml += escapeHtml(html.substr(lastPos));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
2
dist/xss.min.js
vendored
2
dist/xss.min.js
vendored
File diff suppressed because one or more lines are too long
@@ -71,7 +71,7 @@ function parseTag(html, onTag, escapeHtml) {
|
|||||||
lastPos = currentPos;
|
lastPos = currentPos;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (c === ">") {
|
if (c === ">" || currentPos === len - 1) {
|
||||||
rethtml += escapeHtml(html.slice(lastPos, tagStart));
|
rethtml += escapeHtml(html.slice(lastPos, tagStart));
|
||||||
currentHtml = html.slice(tagStart, currentPos + 1);
|
currentHtml = html.slice(tagStart, currentPos + 1);
|
||||||
currentTagName = getTagName(currentHtml);
|
currentTagName = getTagName(currentHtml);
|
||||||
@@ -106,7 +106,7 @@ function parseTag(html, onTag, escapeHtml) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (lastPos < html.length) {
|
if (lastPos < len) {
|
||||||
rethtml += escapeHtml(html.substr(lastPos));
|
rethtml += escapeHtml(html.substr(lastPos));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
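Review bot: The new `currentPos === len - 1` arm in the first hunk passes `getTagName` and `onTag` a `currentHtml` whose last character is tag content rather than `>`. Both helpers are defined outside this hunk; if either trims the final character on the assumption that it is the closing bracket, the filtering decision would be made on a tag name or attribute value one character shorter than the input. Please confirm this, and record the new invariant above the branch with a comment such as `// input ended inside a tag: currentHtml has no trailing ">"`. The same change is mirrored in the vendored dist/xss.js section, and parseTag's body starts and ends outside the hunk.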
@@ -88,6 +88,7 @@ describe("test XSS", function() {
|
|||||||
assert.equal(xss("<img src//>"), "<img src />");
|
assert.equal(xss("<img src//>"), "<img src />");
|
||||||
assert.equal(xss("<br/>"), "<br />");
|
assert.equal(xss("<br/>"), "<br />");
|
||||||
assert.equal(xss("<br />"), "<br />");
|
assert.equal(xss("<br />"), "<br />");
|
||||||
|
assert.equal(xss("<img src=x onerror=alert('XSS')"), "<img src>");
|
||||||
|
|
||||||
// 畸形属性格式
|
// 畸形属性格式
|
||||||
assert.equal(
|
assert.equal(
|
||||||
|
|||||||
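Review bot: The added assertion ends in `)` inside an `onerror` attribute that the expected output shows is dropped, so it cannot reveal whether the last character of an unterminated tag survives parsing. Cases where the input ends in content that is kept would pin that down: an unterminated tag with no attributes, one whose final attribute is allowed, and one that ends inside a still-open quoted value. The enclosing `describe` block continues outside the hunk.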