diff options
Diffstat (limited to 'html5_events')
-rw-r--r-- | html5_events/html5_events.pl | 99 | ||||
-rw-r--r-- | html5_events/html5_events.re | 1 |
2 files changed, 100 insertions, 0 deletions
diff --git a/html5_events/html5_events.pl b/html5_events/html5_events.pl new file mode 100644 index 0000000..b2e8bee --- /dev/null +++ b/html5_events/html5_events.pl @@ -0,0 +1,99 @@ +#!/usr/bin/perl +use strict; + +require LWP::UserAgent; +use LWP::Simple; +use RegExp::List; +use File::stat; +use File::Basename; +use List::MoreUtils qw(uniq); + +my $HTML5_URL = "https://hg.mozilla.org/mozilla-central/raw-file/tip/parser/html/nsHtml5AtomList.h"; +my $GECKO_URL = "https://hg.mozilla.org/mozilla-central/raw-file/tip/xpcom/ds/nsGkAtomList.h"; + +my $HERE = dirname($0); +my $SOURCE_FILE = "$HERE/../src/xss/InjectionChecker.js"; + +sub create_re +{ + my $cache = "$HERE/html5_events.re"; + my $sb = stat($cache); + + if ($sb && time() - $sb->mtime < 86400) + { + open IN, "<$cache"; + my @content = <IN>; + close IN; + return $content[0]; + } + + sub fetch_url + { + my $url = shift(@_); + my $ua = LWP::UserAgent->new; + $ua->agent('Mozilla/5.0'); + $ua->ssl_opts('verify_hostname' => 0); + my $res = $ua->get($url); + if ($res->is_success) + { + return $res->decoded_content; + } + else + { + my $err = $res->content; + my $ca_file = $ua->ssl_opts('SSL_ca_file'); + die ("Could not fetch $url: $err\n$ca_file"); + } + } + + + my $content = # fetch_url($HTML5_URL) . + fetch_url($GECKO_URL); + + $content = join("\n", grep(/^(?:HTML5|GK)_ATOM.*"on\w+"/, split(/[\n\r]/, $content))); + + $content =~ s/.*"(on\w+)".*/$1 /g; + $content =~ s/\s+/ /g; + $content =~ s/^\s+|\s+$//g; + + my $l = Regexp::List->new; + my $re = $l->list2re(uniq(split(' ', $content))); + $re =~ s/\(\?[-^]\w+:(.*)\)/$1/; + open (OUT, ">$cache"); + print OUT $re; + close OUT; + $re; +} + +sub patch +{ + my $src = shift; + my $dst = "$src.tmp"; + my $re = create_re(); + my $must_replace = 0; + print "Patching $src...\n"; + open IN, "<$src" or die ("Can't open $src!"); + open OUT, ">$dst" or die ("Can't open $dst!"); + + while (<IN>) + { + my $line = $_; + $must_replace = $line ne $_ if s/^(\s*const IC_EVENT_PATTERN\s*=\s*")([^"]+)/$1$re/; + + print OUT $_; + } + close IN; + close OUT; + + if ($must_replace) { + rename $dst, $src; + print "Patched.\n"; + } + else + { + unlink $dst; + print "Nothing to do.\n"; + } +} + +patch($SOURCE_FILE); diff --git a/html5_events/html5_events.re b/html5_events/html5_events.re new file mode 100644 index 0000000..b59716d --- /dev/null +++ b/html5_events/html5_events.re @@ -0,0 +1 @@ +on(?:p(?:o(?:inter(?:l(?:ock(?:change|error)|eave)|o(?:ver|ut)|cancel|enter|down|move|up)|p(?:up(?:hid(?:den|ing)|show(?:ing|n)|positioned)|state))|a(?:(?:ymentmethodchang|st|us)e|ge(?:hide|show))|ush(?:subscriptionchange)?|ro(?:cessorerror|gress)|lay(?:ing)?|hoto)|Moz(?:S(?:wipeGesture(?:(?:May)?Start|Update|End)?|crolledAreaChanged)|M(?:agnifyGesture(?:Update|Start)?|ouse(?:PixelScroll|Hittest))|EdgeUI(?:C(?:omplet|ancel)|Start)ed|RotateGesture(?:Update|Start)?|(?:Press)?TapGesture|AfterPaint)|m(?:o(?:z(?:pointerlock(?:change|error)|fullscreen(?:change|error)|key(?:down|up)onplugin|accesskeynotfound|orientationchange)|use(?:l(?:ongtap|eave)|o(?:ver|ut)|enter|wheel|down|move|up))|(?:idimessag|ut)e|essage(?:error)?|ark)|c(?:o(?:m(?:p(?:osition(?:update|start|end)|lete)|mand(?:update)?)|n(?:t(?:rollerchange|extmenu)|nect(?:ionavailable)?)|py)|h(?:(?:arging(?:time)?ch)?ange|ecking)|a(?:n(?:play(?:through)?|cel)|ched)|u(?:echange|t)|l(?:ick|ose))|s(?:ou(?:rce(?:(?:clos|end)ed|open)|nd(?:start|end))|e(?:lect(?:ionchange|start)?|ek(?:ing|ed)|t)|h(?:ipping(?:address|option)change|ow)|t(?:a(?:techange|lled|rt)|o(?:rage|p))|u(?:ccess|spend|bmit)|peech(?:start|end)|croll)|d(?:r(?:a(?:g(?:e(?:n(?:ter|d)|xit)|leave|start|drop|over)?|in)|op)|evice(?:(?:orienta|mo)tion|proximity|change|light)|(?:ischargingtime|uration)change|ata(?:available)?|ownloading|blclick)|a(?:nimation(?:iteration|cancel|start|end)|u(?:dio(?:process|start|end)|xclick)|b(?:solutedeviceorientation|ort)|fter(?:scriptexecute|print)|dd(?:sourcebuffer|track)|ppinstalled|ctivate)|DOM(?:Node(?:Inserted(?:IntoDocument)?|Removed(?:FromDocument)?)|(?:CharacterData|Subtree)Modified|A(?:ttrModified|ctivate)|Focus(?:Out|In)|MouseScroll)|r(?:e(?:s(?:ourcetimingbufferfull|ponseprogress|u(?:lt|me)|ize|et)|move(?:sourcebuffer|track)|adystatechange|pea(?:tEven)?t|questprogress)|atechange)|w(?:ebkit(?:Animation(?:Iteration|Start|End)|animation(?:iteration|start|end)|(?:TransitionE|transitione)nd)|a(?:iting(?:forkey)?|rning)|heel)|v(?:rdisplay(?:(?:presentchang|activat)e|d(?:eactivate|isconnect)|connect)|o(?:iceschanged|lumechange)|(?:isibility|ersion)change)|b(?:e(?:fore(?:p(?:aste|rint)|scriptexecute|c(?:opy|ut)|unload)|gin(?:Event)?)|ufferedamountlow|l(?:ocked|ur)|roadcast|oundary)|t(?:o(?:uch(?:cancel|start|move|end)|ggle)|ransition(?:cancel|start|end|run)|ime(?:update|out)|e(?:rminate|xt)|ypechange)|l(?:o(?:ad(?:e(?:d(?:meta)?data|nd)|ing(?:error|done)?|start)?|stpointercapture)|(?:anguage|evel)change|y)|u(?:p(?:date(?:(?:fou|e)nd|ready|start)?|gradeneeded)|n(?:derflow|load|mute)|serproximity)|g(?:amepad(?:(?:dis)?connected|button(?:down|up)|axismove)|otpointercapture|et)|o(?:(?:rientationchang|(?:ff|n)lin|bsolet)e|verflow|pen)|e(?:n(?:d(?:Event|ed)?|crypted|ter)|mptied|rror|xit)|f(?:ullscreen(?:change|error)|ocus(?:out|in)?|inish)|no(?:tificationcl(?:ick|ose)|update|match)|SVG(?:(?:Unl|L)oad|Resize|Scroll|Zoom)|key(?:statuseschange|press|down|up)|(?:CheckboxStateC|hashc)hange|R(?:adioStateChange|equest)|in(?:stall|valid|put)|AppCommand|zoom)
\ No newline at end of file |