Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-11-04 07:45:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Handle HTML reserved characters in headers

Browse Source 
So far I haven't seen any HTML reserved characters (&, <, >, ", ') in the strings processed by `emphasize_stuff_in_headers()`, so this PR may be unnecessary. However, this PR will ensure that any such characters will be properly escaped in the HTML output.
This commit is contained in:
David Cooper
2017-02-27 11:49:51 -05:00
committed by GitHub
parent 84d142a6cf
commit 0ada7b100c
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
testssl.sh
View File

@@ -1926,7 +1926,9 @@ emphasize_stuff_in_headers(){
-e "s/X-AspNet-Version/${yellow}X-AspNet-Version${off}/g" -e "s/X-AspNet-Version/${yellow}X-AspNet-Version${off}/g"
if "$do_html"; then if "$do_html"; then
html_out "$(tm_out "$1" | sed -e "s/\([0-9]\)/${html_brown}\1${html_off}/g" \ html_out "$(tm_out "$1" | sed -e 's/\&/\&amp;/g' \
-e 's/</\&lt;/g' -e 's/>/\&gt;/g' -e 's/"/\&quot;/g' -e "s/'/\&apos;/g" \
-e "s/\([0-9]\)/${html_brown}\1${html_off}/g" \
-e "s/Debian/${html_yellow}\Debian${html_off}/g" \ -e "s/Debian/${html_yellow}\Debian${html_off}/g" \
-e "s/Win32/${html_yellow}\Win32${html_off}/g" \ -e "s/Win32/${html_yellow}\Win32${html_off}/g" \
-e "s/Win64/${html_yellow}\Win64${html_off}/g" \ -e "s/Win64/${html_yellow}\Win64${html_off}/g" \