fortify / fortify-ssc-parser-sample
Alternative sample parser implementation
License: Other
fortify/sample-parser doesn't have GH issues enabled. Maybe I'm using it wrong, but I think com.fortify.plugin.api.BasicVulnerabilityBuilder.setVulnerabilityRecommendation(String vulnerabilityRecommendation) does not work.
I notice that when I try to set the recommendation using this API, I'm unable to show the recommendation even after setting the view template correctly.
As a test, I've also tried calling the SSC REST API and the JSON being returned is saying that the recommendation is not set.

I'm creating this GH issue as a form of documentation as the fortify/sample-parser repo doesn't have GH Issues enabled and neither repo has the wiki enabled.
For those who are writing parsers where you want to have special formatting by using some HTML, I've tried to test, via trial and error, to determine which HTML tags the Fortify SSC server will allow.
As of now (Fortify SSC version 23.1), here are the tags that I've been able to get Fortify SSC to render:
<a></a>
<b></b>
<blockquote></blockquote>
<br></br>
<cite></cite>
<code></code>
<dd></dd>
<div></div>
<dl></dl>
<dt></dt>
<em></em>
<h1></h1>
<i></i>
<li></li>
<ol></ol>
<p></p>
<pre></pre>
<q></q>
<small></small>
<span></span>
<strike></strike>
<strong></strong>
<sub></sub>
<sup></sup>
<table/>
<u></u>
<ul></ul>
Below is a list of HTML tags that I've noticed Fortify SSC sanitizes:
abbr
acronym
address
applet
area
article
aside
audio
base
basefont
bdi
bdo
big
button
canvas
caption
center
col
colgroup
data
datalist
del
details
dfn
dialog
dir
embed
fieldset
figcaption
figure
font
footer
form
frame
frameset
header
hgroup
hr
iframe
input
ins
kbd
label
legend
link
main
map
mark
menu
meta
meter
nav
noframes
noscript
object
rp
rt
ruby
s
samp
search
section
select
source
optgroup
option
output
param
picture
progress
summary
svg
table
tbody
td
template
textarea
tfoot
th
thead
time
title
tr
track
tt
var
video
wbr
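
One way a parser author could use the two lists above: a pre-flight check that scans a description string for tags outside the set reported as rendered on SSC 23.1. This is an added example, not part of the original issue or of the Fortify plugin API; the class and method names are hypothetical, and `table` is treated as unsupported because the post lists it in both places.

```java
import java.util.LinkedHashSet;
import java.util.Locale;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/** Flags HTML tags outside the allowlist observed in the post above (SSC 23.1). */
public final class SscHtmlPreflight {
    // Tags the post reports as rendered. "table" is left out because the post
    // also lists it among the sanitized tags.
    private static final Set<String> RENDERED = Set.of(
        "a", "b", "blockquote", "br", "cite", "code", "dd", "div", "dl", "dt",
        "em", "h1", "i", "li", "ol", "p", "pre", "q", "small", "span",
        "strike", "strong", "sub", "sup", "u", "ul");

    // Captures the name of an opening, closing or self-closing tag.
    // Unescaped text such as "x<y" also matches, which errs toward reporting.
    private static final Pattern TAG = Pattern.compile("</?([A-Za-z][A-Za-z0-9]*)");

    /** Returns, in first-seen order, the tag names that are not in RENDERED. */
    public static Set<String> unsupportedTags(String html) {
        Set<String> unsupported = new LinkedHashSet<>();
        if (html == null) {
            return unsupported;
        }
        Matcher m = TAG.matcher(html);
        while (m.find()) {
            String name = m.group(1).toLowerCase(Locale.ROOT);
            if (!RENDERED.contains(name)) {
                unsupported.add(name);
            }
        }
        return unsupported;
    }

    public static void main(String[] args) {
        // Constructed sample description, as a parser might assemble it.
        String description = "<p>Finding in <code>Login.java</code></p>"
            + "<table><tr><td>CWE</td><td>79</td></tr></table>"
            + "<details><summary>Trace</summary><pre>...</pre></details>";
        Set<String> bad = unsupportedTags(description);
        if (bad.isEmpty()) {
            System.out.println("All tags are in the observed allowlist.");
        } else {
            System.out.println("Tags SSC may sanitize: " + bad);
        }
    }
}
```

Running the check in the parser's unit tests surfaces formatting that would be stripped before a scan is ever uploaded; the allowlist should be re-verified against each SSC version in use.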