- Timestamp:
- 10/05/10 16:08:15 (14 years ago)
- File:
-
- 1 edited
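--- a/branches/2.2/jabberit_messenger/jmessenger/js/trophyim.js
+++ b/branches/2.2/jabberit_messenger/jmessenger/js/trophyim.js
@@ -810,20 +810,79 @@
 
 // Get Message
-var _message = document.createElement("div");
-_message.innerHTML = Strophe.getText(elems[0]);
-
+var _message = document.createElement("div");
+var _text = Strophe.getText( elems[0] );
+
+// Events Javascript
+_text = _text.replace(/onblur/gi,"EVENT_DENY");
+
+_text = _text.replace(/onchange/gi,"EVENT_DENY");
+
+_text = _text.replace(/onclick/gi,"EVENT_DENY");
+
+_text = _text.replace(/ondblclick/gi,"EVENT_DENY");
+
+_text = _text.replace(/onerror/gi,"EVENT_DENY");
+
+_text = _text.replace(/onfocus/gi,"EVENT_DENY");
+
+_text = _text.replace(/onkeydown/gi,"EVENT_DENY");
+
+_text = _text.replace(/onkeypress/gi,"EVENT_DENY");
+
+_text = _text.replace(/onkeyup/gi,"EVENT_DENY");
+
+_text = _text.replace(/onmousedown/gi,"EVENT_DENY");
+
+_text = _text.replace(/onmousemove/gi,"EVENT_DENY");
+
+_text = _text.replace(/onmouseout/gi,"EVENT_DENY");
+
+_text = _text.replace(/onmouseover/gi,"EVENT_DENY");
+
+_text = _text.replace(/onmouseup/gi,"EVENT_DENY");
+
+_text = _text.replace(/onresize/gi,"EVENT_DENY");
+
+_text = _text.replace(/onselect/gi,"EVENT_DENY");
+
+_text = _text.replace(/onunload/gi,"EVENT_DENY");
+
+// Events CSS
+_text = _text.replace(/style/gi,"EVENT_DENY");
+
+_message.innerHTML = _text;
+
+////////// BEGIN XSS //////////////////////////////////////////////////
 // Delete Tags <SCRIPT>
 var scripts = _message.getElementsByTagName('script');
-
-for (var i = 0; i < scripts.length; i++)
-_message.removeChild(scripts[i--]);
+for (var i = 0; i < scripts.length; i++){ _message.removeChild(scripts[i--]); }
+////////////////////////////////////////////////////
 
 // Delete Tags <IMG>
 var _imgSrc = _message.getElementsByTagName('img');
-
-for (var i = 0; i < _imgSrc.length; i++)
-_message.removeChild( _imgSrc[i--] );
-
+for (var i = 0; i < _imgSrc.length; i++){ _message.removeChild( _imgSrc[i--] ); }
+////////////////////////////////////////////////////
+
+// Delete Tags <DIV>
+var _Div = _message.getElementsByTagName('div');
+for (var i = 0; i < _Div.length; i++){ _message.removeChild( _Div[i--] ); }
+////////////////////////////////////////////////////
+
+// Delete Tags <SPAN>
+var _Span = _message.getElementsByTagName('span');
+for (var i = 0; i < _Span.length; i++){ _message.removeChild( _Span[i--] ); }
+////////////////////////////////////////////////////
+
+// Delete Tags <IFRAME>
+var _Iframe = _message.getElementsByTagName('iframe');
+for (var i = 0; i < _Iframe.length; i++){ _message.removeChild( _Iframe[i--] ); }
+
+// Delete Tags <A HREF>
+var _aHref = _message.getElementsByTagName('a');
+for (var i = 0; i < _aHref.length; i++){ _message.removeChild( _aHref[i--] ); }
+
+
 _message.innerHTML = _message.innerHTML.replace(/^\s+|\s+$|^\n|\n$/g, "");
+////////// END XSS //////////////////////////////////////////////////
 
 // Get Smiles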
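Review bot: Every removal loop on new lines 858–882 calls `_message.removeChild(...)` on elements returned by `getElementsByTagName`, which yields descendants at any depth, while `removeChild` only accepts a direct child; a disallowed element nested inside another tag makes that call throw, the remaining loops are skipped, and the message already assigned via `innerHTML` on line 853 stays rendered as-is. Replacing each call with `var el = scripts[i--]; el.parentNode.removeChild(el);` (and the same for `_imgSrc`, `_Div`, `_Span`, `_Iframe`, `_aHref`) removes the element wherever it sits in the tree. The text substitutions on 816–851 are a denylist of fixed substrings, so they also rewrite ordinary message text that happens to contain them (any word containing `style`, for instance) while leaving anything not on the list untouched; if the message is not required to carry markup, inserting it with `_message.appendChild(document.createTextNode(_text))` instead of `innerHTML` would make the whole list and the tag-stripping loops unnecessary. The enclosing function starts before and continues after this hunk.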