[XSS] Restored compatibility with Gecko 77 and below.

This commit is contained in:
hackademix 2021-12-28 20:07:24 +01:00
parent 87d064ed71
commit 0fdbf3ef83
2 changed files with 40 additions and 4 deletions

@ -1 +1 @@
Subproject commit b0b355de528b11b8ae641b429f3442fe19bbff67 Subproject commit 2bf555fca3aa803fa72fd43ef94403aefb1254a5

View File

@ -49,7 +49,7 @@ XSS.InjectionChecker = (async () => {
"|\\b(?:" + IC_WINDOW_OPENER_PATTERN + ")\\b[^]+\\b(?:" + IC_EVENT_PATTERN + ")[^]*="; "|\\b(?:" + IC_WINDOW_OPENER_PATTERN + ")\\b[^]+\\b(?:" + IC_EVENT_PATTERN + ")[^]*=";
function InjectionChecker() { function InjectionChecker() {
this.timing = new Timing(); this.timing = new Timing(20);
this.reset(); this.reset();
} }
InjectionChecker.prototype = { InjectionChecker.prototype = {
@ -492,8 +492,44 @@ XSS.InjectionChecker = (async () => {
return ret; return ret;
}, },
// see https://mathiasbynens.be/notes/javascript-identifiers-es6#acceptable-unicode-symbols _createInvalidRanges: function() {
invalidCharsRx: /^[^"'`/<>]*[^$_\p{ID_Start}\p{ID_Continue}\u200c\u200d]/u, function x(n) {
return '\\u' + ("0000" + n.toString(16)).slice(-4);
}
let chunks = [];
let first = -1;
let last = -1;
let cur = 0x7e;
let close = () => { if (last != first) chunks.push(`-${x(last)}`); }
while (cur++ < 0xffff) {
try {
Function(`let _${String.fromCharCode(cur)}_`);
} catch (e) {
if (!/illegal char/.test(e.message)) continue;
if (first == -1) {
first = last = cur;
chunks.push(x(cur));
continue;
}
if (cur - last == 1) {
last = cur;
continue;
}
close();
chunks.push(x(cur));
last = first = cur;
}
}
close();
return chunks.join('');
},
get invalidCharsRx() {
let value = new RegExp("^[^\"'`/<>]*[" + this._createInvalidRanges() + "]");
Object.defineProperty(Object.getPrototypeOf(this), 'invalidCharsRx', {value});
return value;
},
async checkJSBreak(s) { async checkJSBreak(s) {
// Direct script injection breaking JS string literals or comments // Direct script injection breaking JS string literals or comments