提交 43640b26 编写于 作者: A andrew

Merge

......@@ -1012,3 +1012,8 @@ d859443cacf81207f0879e9f21810b102afdb240 jdk8u232-b01
3de2732a8241c8c85a85942f7341ad48491976d9 jdk8u232-b04
415c49110391d46dbb9be24154c2ad1b4157790a jdk8u232-b05
2338eb5fa755608b47e12ae1d8baa217cd64ee98 jdk8u242-b00
dd568d0e5e10a0dfc05ace7f16bbac5ad6eddde5 jdk8u232-b06
3b3a43588afb9fbdb1b95c475a11d3529a3d9cb5 jdk8u232-b07
4bc16c3608302128648e92c80f3b396372471383 jdk8u232-b08
735048c9f2d6835b76a436beffd29565f28a2a36 jdk8u232-b09
735048c9f2d6835b76a436beffd29565f28a2a36 jdk8u232-ga
......@@ -2130,13 +2130,13 @@ Exhibit B - "Incompatible With Secondary Licenses" Notice
-------------------------------------------------------------------------------
%% This notice is provided with respect to PC/SC Lite for Suse Linux v.1.1.1,
%% This notice is provided with respect to PC/SC Lite v1.8.24,
which may be included with JRE 8, JDK 8, and OpenJDK 8 on Linux and Solaris.
--- begin of LICENSE ---
Copyright (c) 1999-2004 David Corcoran <corcoran@linuxnet.com>
Copyright (c) 1999-2004 Ludovic Rousseau <ludovic.rousseau (at) free.fr>
Copyright (c) 1999-2003 David Corcoran <corcoran@linuxnet.com>
Copyright (c) 2001-2011 Ludovic Rousseau <ludovic.rousseau@free.fr>
All rights reserved.
Redistribution and use in source and binary forms, with or without
......@@ -2148,12 +2148,7 @@ are met:
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by:
David Corcoran <corcoran@linuxnet.com>
http://www.linuxnet.com (MUSCLE)
4. The name of the author may not be used to endorse or promote products
3. The name of the author may not be used to endorse or promote products
derived from this software without specific prior written permission.
Changes to this license can be made only by the copyright author with
......
......@@ -68,12 +68,10 @@ public class JavaScriptScanner {
private boolean newline = true;
Map<String, TagParser> tagParsers;
Set<String> eventAttrs;
Set<String> uriAttrs;
public JavaScriptScanner() {
initTagParsers();
initEventAttrs();
initURIAttrs();
}
......@@ -100,7 +98,11 @@ public class JavaScriptScanner {
private void checkHtmlAttr(String name, String value) {
String n = name.toLowerCase(Locale.ENGLISH);
if (eventAttrs.contains(n)
// https://www.w3.org/TR/html52/fullindex.html#attributes-table
// See https://www.w3.org/TR/html52/webappapis.html#events-event-handlers
// An event handler has a name, which always starts with "on" and is followed by
// the name of the event for which it is intended.
if (n.startsWith("on")
|| uriAttrs.contains(n)
&& value != null && value.toLowerCase(Locale.ENGLISH).trim().startsWith("javascript:")) {
reporter.report();
......@@ -1060,34 +1062,6 @@ public class JavaScriptScanner {
}
private void initEventAttrs() {
eventAttrs = new HashSet<>(Arrays.asList(
// See https://www.w3.org/TR/html-markup/global-attributes.html#common.attrs.event-handler
"onabort", "onblur", "oncanplay", "oncanplaythrough",
"onchange", "onclick", "oncontextmenu", "ondblclick",
"ondrag", "ondragend", "ondragenter", "ondragleave",
"ondragover", "ondragstart", "ondrop", "ondurationchange",
"onemptied", "onended", "onerror", "onfocus", "oninput",
"oninvalid", "onkeydown", "onkeypress", "onkeyup",
"onload", "onloadeddata", "onloadedmetadata", "onloadstart",
"onmousedown", "onmousemove", "onmouseout", "onmouseover",
"onmouseup", "onmousewheel", "onpause", "onplay",
"onplaying", "onprogress", "onratechange", "onreadystatechange",
"onreset", "onscroll", "onseeked", "onseeking",
"onselect", "onshow", "onstalled", "onsubmit", "onsuspend",
"ontimeupdate", "onvolumechange", "onwaiting",
// See https://www.w3.org/TR/html4/sgml/dtd.html
// Most of the attributes that take a %Script are also defined as event handlers
// in HTML 5. The one exception is onunload.
// "onchange", "onclick", "ondblclick", "onfocus",
// "onkeydown", "onkeypress", "onkeyup", "onload",
// "onmousedown", "onmousemove", "onmouseout", "onmouseover",
// "onmouseup", "onreset", "onselect", "onsubmit",
"onunload"
));
}
private void initURIAttrs() {
uriAttrs = new HashSet<>(Arrays.asList(
// See https://www.w3.org/TR/html4/sgml/dtd.html
......
......@@ -25,7 +25,7 @@
/**
* @test
* @bug 8138725
* @bug 8138725 8226765
* @summary test --allow-script-in-comments
* @run main TestScriptInComment
*/
......@@ -65,6 +65,10 @@ public class TestScriptInComment {
WS("< script >#ALERT</script>", false, "-Xdoclint:none"), // script tag with invalid white space
SA("<script src=\"file\"> #ALERT </script>", true), // script tag with an attribute
ON("<a onclick='#ALERT'>x</a>", true), // event handler attribute
OME("<img alt='1' onmouseenter='#ALERT'>", true), // onmouseenter event handler attribute
OML("<img alt='1' onmouseleave='#ALERT'>", true), // onmouseleave event handler attribute
OFI("<a href='#' onfocusin='#ALERT'>x</a>", true), // onfocusin event handler attribute
OBE("<a onbogusevent='#ALERT'>x</a>", true), // bogus/future event handler attribute
URI("<a href='javascript:#ALERT'>x</a>", true); // javadcript URI
/**
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册