return false;
}
+ private boolean checkAttrInContext(String nodeName,String attrName,String attrValue){
+ /* The intent here is to prevent external content from being loaded by the user's browser.
+ It's extra paranoid, so will strip some legitimate stuff like an alt="http://www.indymedia.org"
+ */
+ if (! MirGlobal.config().getBoolean("Localizer.HTML.KillWebBugs")) {
+ return true;
+ }
+ else {
+ if ((nodeName.toLowerCase()).equals("a") && (attrName.toLowerCase()).equals("href") || (nodeName.toLowerCase()).equals("form") && (attrName.toLowerCase()).equals("action")){
+ return true; //because we still love the web, even if it doesn't return the favor
+ }
+ else {
+ List externalPrefixes = StringRoutines.splitString(MirGlobal.config().getString("Localizer.HTML.ExternalLocationAttributeValuePrefixes"), ";");
+ List whitelist = StringRoutines.splitString(MirGlobal.config().getString("Localizer.HTML.WhitelistedExternalLocationAttributeValuePrefixes"), ";");
+ Iterator i = externalPrefixes.iterator();
+ while (i.hasNext()) {
+ if ((stripWhitespace(attrValue.toLowerCase())).startsWith(((String) i.next()).toLowerCase())) {
+ // we have hit a bad prefix, but we need to check the whitelist
+ Iterator wl=whitelist.iterator();
+ while (wl.hasNext()){
+ if ((stripWhitespace(attrValue.toLowerCase())).startsWith(((String) wl.next()).toLowerCase())) {
+ return true; //say, for example, something on a trusted server
+ }
+ }
+ return false; //don't let this attribute through
+ }
+ }
+ return true; //didn't seem to be an external prefix, so it's fine
+ }
+ }
+ }
private void print(Node node, StringWriter out) throws IOException {
if (node == null) {
return;
attrValue=regularExpressionLeadingSlashes.substitute(attrValue, "/");
}
- if (checkAttr(attrName) && checkAttrValue(attrValue)) {
+ if (checkAttr(attrName) && checkAttrValue(attrValue) && checkAttrInContext(node.getNodeName(),attrName,attrValue)) {
out.write(' ');
out.write(attrs.item(i).getNodeName());
out.write("=\"");
projects / mir.git / commitdiff