Releases: weaweawe01/lua-htmlparser
Releases · weaweawe01/lua-htmlparser
2.0
add xss engin
Examples
package.path = "./src/?.lua;" .. package.path
local xss_engine = require("xss_engine")
local text =[[
<img src=x onerror=alert(1)>
]]
if xss_engine.is_xss(text) then
print("this is info xss")
else
print("this is info not xss")
end
[root@localhost lua-htmlparser]# luajit test2.lua
this is info xss
1.0
[root@localhost tst]# luajit init.lua
------------------------------------
Lua version: LuaJIT 2.0.4
------------------------------------
name: image
getcontent:
src:
attributes: {"onerror":"prompt(8)","src":""}
name: img
getcontent:
src:
attributes: {"onerror":"prompt(8)","src":""}
name: image
getcontent:
src:
attributes: {"onerror":"prompt(8)","src":""}
name: img
getcontent:
src:
attributes: {"onerror":"prompt(8)","src":""}
name: script
getcontent: javascript:alert(1)
attributes: {}