Merge branch 'harden-parser' into 'develop'
fix regex misinterpreting tag name in badly formed HTML See merge request pleroma/pleroma-fe!1835 (cherry picked from commit624af7ed00
)00b47e16
fix regex misinterpreting tag name in badly formed HTML, prevent rich5e656cc0
Merge remote-tracking branch 'origin/develop' into harden-parser10e28f6c
changelog0109724a
case insensititvy
This commit is contained in:
parent
3a507ba9b2
commit
4bc7873e03
|
@ -0,0 +1 @@
|
||||||
|
fix regex issue in HTML parser/renderer
|
|
@ -149,7 +149,9 @@ export default {
|
||||||
// Handle tag nodes
|
// Handle tag nodes
|
||||||
if (Array.isArray(item)) {
|
if (Array.isArray(item)) {
|
||||||
const [opener, children, closer] = item
|
const [opener, children, closer] = item
|
||||||
const Tag = getTagName(opener)
|
let Tag = getTagName(opener)
|
||||||
|
if (Tag.toLowerCase() === 'script') Tag = 'js-exploit'
|
||||||
|
if (Tag.toLowerCase() === 'style') Tag = 'css-exploit'
|
||||||
const fullAttrs = getAttrs(opener, () => true)
|
const fullAttrs = getAttrs(opener, () => true)
|
||||||
const attrs = getAttrs(opener)
|
const attrs = getAttrs(opener)
|
||||||
const previouslyMentions = currentMentions !== null
|
const previouslyMentions = currentMentions !== null
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
* @return {String} - tagname, i.e. "div"
|
* @return {String} - tagname, i.e. "div"
|
||||||
*/
|
*/
|
||||||
export const getTagName = (tag) => {
|
export const getTagName = (tag) => {
|
||||||
const result = /(?:<\/(\w+)>|<(\w+)\s?.*?\/?>)/gi.exec(tag)
|
const result = /(?:<\/(\w+)>|<(\w+)\s?.*?\/?>)/gis.exec(tag)
|
||||||
return result && (result[1] || result[2])
|
return result && (result[1] || result[2])
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue