yaoyi2008 / xssprotect Goto Github PK
View Code? Open in Web Editor NEWAutomatically exported from code.google.com/p/xssprotect
License: Apache License 2.0
Automatically exported from code.google.com/p/xssprotect
License: Apache License 2.0
-moz-binding in Firefox is similar with expression in IE
ms-its,mhtml,firefoxurl,data is similar with javascript,mocha
Original issue reported on code.google.com by [email protected]
on 24 Aug 2009 at 6:31
What steps will reproduce the problem?
Input HTML example begin"
<html>
<!-- Remove me -->
</html>
"end
Filtered HTML begin"
<html><remove me></remove></html>
"end
What is the expected output? What do you see instead?
Remove all comments.
What version of the product are you using? On what operating system?
Please provide any additional information below.
Error log:
line 2:1 no viable alternative at character '!'
line 2:2 no viable alternative at character '-'
line 2:3 no viable alternative at character '-'
line 2:15 no viable alternative at character '-'
line 2:16 no viable alternative at character '-'
line 3:0 end tag (html) does not match start tag (Remove) currently open,
closing it anyway
Original issue reported on code.google.com by [email protected]
on 18 Jun 2009 at 3:48
What steps will reproduce the problem?
Input HTML example begin"
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
</html>
"end
Filtered HTML begin"
<doctype html public w3c dtd html transitional en http: www.w3.org tr html4
loose.dtd><html></html></doctype>
"end
What is the expected output? What do you see instead?
Remove input DOCTYPE tag.
What version of the product are you using? On what operating system?
Please provide any additional information below.
Error log:
line 1:1 no viable alternative at character '!'
line 1:22 no viable alternative at character '"'
line 1:23 no viable alternative at character '-'
line 1:24 rule PCDATA failed predicate: { !tagMode }?
line 1:25 rule PCDATA failed predicate: { !tagMode }?
line 1:29 rule PCDATA failed predicate: { !tagMode }?
line 1:30 rule PCDATA failed predicate: { !tagMode }?
line 1:40 no viable alternative at character '4'
line 1:41 no viable alternative at character '.'
line 1:42 no viable alternative at character '0'
line 1:43 no viable alternative at character '1'
line 1:57 rule PCDATA failed predicate: { !tagMode }?
line 1:58 rule PCDATA failed predicate: { !tagMode }?
line 1:61 no viable alternative at character '"'
line 1:63 no viable alternative at character '"'
line 1:69 rule PCDATA failed predicate: { !tagMode }?
line 1:70 rule PCDATA failed predicate: { !tagMode }?
line 1:81 rule PCDATA failed predicate: { !tagMode }?
line 1:84 rule PCDATA failed predicate: { !tagMode }?
line 1:90 rule PCDATA failed predicate: { !tagMode }?
line 1:100 no viable alternative at character '"'
line 0:-1 end tag (null) does not match start tag (DOCTYPE) currently open,
closing it anyway
Original issue reported on code.google.com by [email protected]
on 18 Jun 2009 at 3:52
can not compile or run with antlr 3.1.1
Original issue reported on code.google.com by [email protected]
on 24 Aug 2009 at 6:05
Input HTML example begin"
<html>
</html>
"end
What is the expected output? What do you see instead?
Ignore empty line or remove at all.
What version of the product are you using? On what operating system?
Windows
Please provide any additional information below.
Error log:
line 1:0 no viable alternative at input '\r\n'
BR.recoverFromMismatchedToken
/workspace/xssprotect/trunk/grammar/htmlTreeParser.g: node from line 0:0
mismatched tree node: EOF expecting ELEMENT
Exception in thread "main" java.lang.NullPointerException
at com.blogspot.radialmind.html.HTMLParser.process(HTMLParser.java:76)
at TestXssProtect.main(TestXssProtect.java:28)
Original issue reported on code.google.com by [email protected]
on 18 Jun 2009 at 3:31
convert
<a href="http://www.google.com/search?hl=en&q=test">test</a>
to
<a href="http://www.google.com/search?hl=en&q=test">test</a>
Original issue reported on code.google.com by [email protected]
on 24 Aug 2009 at 6:12
What steps will reproduce the problem?
1. 3
2. 2
3. 4
What is the expected output? What do you see instead?
gdfgdfg
Please use labels and text to provide additional information.
dfgdfgdfg
Original issue reported on code.google.com by [email protected]
on 28 Apr 2008 at 6:35
What steps will reproduce the problem?
Input HTML example begin"
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>XSS Example</title>
</head>
</html>
"end
Filtered HTML begin"
<html><head><title></title></head></html>
"end
What is the expected output? What do you see instead?
Add "/" to the end of tag if it has no closing tag.
Ex: "<tag>" -> "<tag/>".
Or ignore only for tags like <meta>, etc.
What version of the product are you using? On what operating system?
Please provide any additional information below.
Note that <title> lost its content after bad filtering.
Error log:
line 5:1 end tag (head) does not match start tag (meta) currently open,
closing it anyway
Original issue reported on code.google.com by [email protected]
on 18 Jun 2009 at 4:02
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.