From c6bf1e6508f54cf07d9696d57412ba626f754089 Mon Sep 17 00:00:00 2001
From: Nicolas Werner
Date: Sun, 4 Sep 2022 18:14:14 +0200
Subject: [PATCH] Attribute values can contain slashes
---
 src/Utils.cpp | 25 ++++++++++++++++---------
 1 file changed, 16 insertions(+), 9 deletions(-)
diff --git a/src/Utils.cpp b/src/Utils.cpp
index bae1d8a5..0e193c43 100644
--- a/src/Utils.cpp
+++ b/src/Utils.cpp
@@ -431,9 +431,10 @@ utils::escapeBlacklistedHtml(const QString &rawStr)
 "tbody", "/tbody", "tr", "/tr", "th", "/th", "td", "/td", "caption", "/caption", "pre", "/pre", "span", "/span", "img", "/img", "details", "/details", "summary", "/summary"};
- constexpr static const std::array tagNameEnds = {' ', '>'};
- constexpr static const std::array attrNameEnds = {' ', '>', '=', '\t', '\r', '\n', '/', '\f'};
- constexpr static const std::array spaceChars = {' ', '\t', '\r', '\n', '\f'};
+ constexpr static const std::array tagNameEnds = {' ', '>'};
+ constexpr static const std::array attrNameEnds = {' ', '>', '=', '\t', '\r', '\n', '/', '\f'};
+ constexpr static const std::array attrValueEnds = {' ', '\t', '\r', '\n', '\f', '>'};
+ constexpr static const std::array spaceChars = {' ', '\t', '\r', '\n', '\f'};
 QByteArray data = rawStr.toUtf8();
 QByteArray buffer;
@@ -535,16 +536,22 @@ utils::escapeBlacklistedHtml(const QString &rawStr)
 continue;
 }
 } else {
- attrStart += 1;
 auto valueEnd = std::find_first_of(attrStart, attrsEnd,
- attrNameEnds.begin(),
- attrNameEnds.end());
+ attrValueEnds.begin(),
+ attrValueEnds.end());
+ auto val =
+ sanitizeValue(QByteArray(attrStart, valueEnd - attrStart));
+ attrStart = consumeSpaces(valueEnd);
+
+ if (val.contains('"'))
+ continue;
+
 buffer.append(' ');
 buffer.append(attrName);
- buffer.append("=");
- buffer.append(attrStart, valueEnd - attrStart);
- attrStart = valueEnd;
+ buffer.append("=\"");
+ buffer.append(val);
+ buffer.append('"');
 continue;
 }
 }
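Review bot: `attrValueEnds` is declared without a comment saying why it differs from `attrNameEnds`, and that difference is the whole point of the change. A line above the declaration such as `// unquoted attribute values end at whitespace or '>'; '/' and '=' belong to the value` would keep a later edit from "aligning" the two sets again. It may also be worth noting there that a tag's trailing `/` would now be kept as part of the last unquoted value if it can reach the value scan; attrsEnd is computed outside this hunk, so that cannot be confirmed from here. The declarations sit inside utils::escapeBlacklistedHtml, whose body continues outside the hunk.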
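Review bot: The `if (val.contains('"')) continue;` check is the only thing that stops an unquoted value from closing the `="…"` wrapper this branch now writes around it, and nothing in the hunk says so. I would add a comment directly above it, for example `// val is emitted inside double quotes below; a literal '"' would end the attribute early, so drop the attribute`, so that a later change to the quoting or to sanitizeValue (defined outside this hunk) does not remove the check as dead code. The diffstat lists only src/Utils.cpp, so the commit carries no regression test; one for an unquoted value containing slashes and one for a value containing a double quote would pin both behaviours of this sanitizer path. The enclosing loop and function start and end outside the hunk.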