userjs xss filter prototype
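// 0.js xss filter as userjs
//
// Opera user-JS prototype of a reflected-XSS filter. It percent-decodes the
// page URL once, and for every external script, inline script and attribute
// event handler that is about to run it asks (via confirm()) whether to block
// it when the same text also appears in the URL. Everything here is
// best-effort: a "no" from the user, or a URL that does not look injected,
// lets the page run untouched.
(function( w, d ){
  // The Before* hooks below only exist on Opera's window.opera; without them
  // there is nothing this script can intercept.
  if ( !w.opera || typeof w.opera.addEventListener !== 'function' ) {
    console.log( 'opera userjs hooks not available.' );
    return;
  }

  var _wl = w.location,
      _wduc = w.decodeURIComponent;

  if ( !( _wl.protocol === 'http:' || _wl.protocol === 'https:' ) ) {
    console.log( 'need check other protocols ?' );
    return;
  }

  // Compare against the decoded URL so an encoded payload (%3Cscript%3E)
  // lines up with the text the browser actually executes. This is a single
  // decoding pass: double-encoded input is not unwrapped.
  var decodedLocation = decodeLocation( _wl.href );
  console.log( decodedLocation );

  if ( !isRequiredForInjection( decodedLocation ) ) {
    console.log( 'maybe safe.' );
    return;
  }

  // When the URL itself carries tag- or attribute-like text, offer to block
  // every script on the page instead of prompting per script.
  var stopScript = false;
  if ( containsUnsafeTags( decodedLocation ) || containsUnsafeAttrs( decodedLocation ) ) {
    if ( confirm( 'maybe xss. Stop execute scripts on this page?' ) ) {
      stopScript = true;
    }
  }

  w.opera.addEventListener( 'BeforeExternalScript', function( ev ) {
    if ( stopScript ) {
      ev.preventDefault();
      return;
    }
    var src = ev.element.src;
    // Plain substring test. The earlier String.prototype.match( src ) compiled
    // src into a RegExp, so '?' and '.' in an ordinary script URL changed the
    // meaning of the comparison, and an empty src matched every page.
    if ( !src || decodedLocation.indexOf( src ) === -1 ) {
      return;
    }
    if ( confirm( 'maybe xss. Stop this script? <' + src + '>' ) ) {
      ev.preventDefault();
    }
  }, false );

  w.opera.addEventListener( 'BeforeScript', function( ev ) {
    if ( stopScript ) {
      ev.preventDefault();
      return;
    }
    // TODO: inline script bodies (ev.element.text) are not compared against
    // decodedLocation yet; this hook only honours the page-wide stop.
  }, false );

  // Serialised form of a listener generated from an on*="..." attribute:
  // presumably "function anonymous(event) {\n<body>\n}" on Opera — confirm.
  var ANON_HANDLER = /function anonymous\(event\) {/;

  w.opera.addEventListener( 'BeforeEventListener', function( ev ) {
    if ( stopScript ) {
      ev.preventDefault();
      return;
    }
    var code = ev.listener.toString();
    // Listeners registered from script do not carry the generated wrapper and
    // are left alone; only attribute handlers can have come from the markup.
    if ( !ANON_HANDLER.test( code ) ) {
      return;
    }
    // Strip the wrapper (header through "{\n", and the trailing "\n}") to get
    // the attribute text as it appeared in the document.
    var realCode = code.substring( code.indexOf( '{' ) + 2, code.length - 2 );
    if ( !realCode ) {
      return;
    }
    if ( decodedLocation.indexOf( realCode ) !== -1 ) {
      if ( confirm( 'maybe xss? Stop this code?<' + realCode + '>' ) ) {
        ev.preventDefault();
      }
    }
  }, false );

  /**
   * Percent-decode href, tolerating malformed escapes.
   * decodeURIComponent throws on a bad %-sequence; on failure retry on the
   * part before the fragment (keeping the fragment verbatim) and finally
   * return the raw href, so the caller always gets a usable string. The
   * previous fallback assumed a '#' was present and produced '' without one.
   * @param {string} href - the page URL
   * @returns {string} the decoded URL, or href itself if nothing decodes
   */
  function decodeLocation( href ) {
    try {
      return _wduc( href );
    } catch ( x ) {
      // fall through to the fragment-stripped attempt
    }
    var hashAt = href.indexOf( '#' );
    if ( hashAt !== -1 ) {
      try {
        return _wduc( href.substring( 0, hashAt ) ) + href.substring( hashAt );
      } catch ( y ) {
        // fall through to the raw href
      }
    }
    return href;
  }

  /**
   * @param {string} l - decoded URL
   * @returns {string[]|null} matches of tag openers that can load or run code
   */
  function containsUnsafeTags( l ) {
    return l.match( /<(a |img|base|form|link|meta|embed|style|script|object|iframe)/gi );
  }

  /**
   * Note: "name=", "type=", "data=" and "code=" are also ordinary query-string
   * keys, so this matches many benign URLs; it only decides whether to ask.
   * @param {string} l - decoded URL
   * @returns {string[]|null} matches of attribute-like "key=" sequences
   */
  function containsUnsafeAttrs( l ){
    return l.match( /(src|href|data|type|classid|name|code|object|action)\s*=/gi );
  }

  /**
   * Cheap gate: a URL with no quote or angle bracket is not treated as a
   * candidate for markup injection and the hooks are never installed.
   * @param {string} l - decoded URL
   * @returns {boolean}
   */
  function isRequiredForInjection( l ) {
    return /['"<>]/.test( l );
  }
}( window, document ));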