SUSE:SLE-12-SP4:Update
python3-lxml.26328
CVE-2021-28957-prevent-formaction.patch
File CVE-2021-28957-prevent-formaction.patch of Package python3-lxml.26328
From 10ec1b4e9f93713513a3264ed6158af22492f270 Mon Sep 17 00:00:00 2001 From: Kevin Chung <kchung@nyu.edu> Date: Sat, 20 Mar 2021 02:49:25 -0400 Subject: [PATCH 1/2] Add formaction attribute to defs.link_attrs --- src/lxml/html/defs.py | 2 ++ 1 file changed, 2 insertions(+) Index: lxml-3.3.5/src/lxml/html/defs.py =================================================================== --- lxml-3.3.5.orig/src/lxml/html/defs.py +++ lxml-3.3.5/src/lxml/html/defs.py @@ -27,6 +27,8 @@ link_attrs = frozenset([ 'usemap', # Not standard: 'dynsrc', 'lowsrc', + # HTML5 formaction + 'formaction' ]) # Not in the HTML 4 spec: Index: lxml-3.3.5/src/lxml/html/tests/test_clean.py =================================================================== --- lxml-3.3.5.orig/src/lxml/html/tests/test_clean.py +++ lxml-3.3.5/src/lxml/html/tests/test_clean.py @@ -89,6 +89,21 @@ class CleanerTest(unittest.TestCase): b'<math><style>/* deleted */</style></math>', lxml.html.tostring(clean_html(s))) + def test_formaction_attribute_in_button_input(self): + # The formaction attribute overrides the form's action and should be + # treated as a malicious link attribute + html = ('<form id="test"><input type="submit" formaction="javascript:alert(1)"></form>' + '<button form="test" formaction="javascript:alert(1)">X</button>') + expected = ('<div><form id="test"><input type="submit" formaction=""></form>' + '<button form="test" formaction="">X</button></div>') + cleaner = Cleaner( + forms=False, + safe_attrs_only=False, + ) + self.assertEqual( + expected, + cleaner.clean_html(html)) + def test_suite(): suite = unittest.TestSuite()
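Review bot: In the src/lxml/html/defs.py hunk the new entry is placed under the existing `# Not standard:` comment, grouped with `'dynsrc'` and `'lowsrc'`, while the added `# HTML5 formaction` comment says the attribute is standard HTML5; move the entry above the `# Not standard:` line (or reword that comment) so the grouping in `link_attrs` stays accurate. Also add a trailing comma after `'formaction'` to match `'lowsrc',` on the line above, so the next addition to the frozenset is a one-line change.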
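Review bot: The comment in `test_formaction_attribute_in_button_input` calls formaction "a malicious link attribute"; the attribute itself is a legitimate HTML5 URL-bearing attribute, and what the cleaner must reject is its `javascript:` value, so reword it to say formaction must be handled like the other URL attributes in `link_attrs`. The `expected` strings also pin the behaviour that the cleaner blanks the value (`formaction=""`) rather than dropping the attribute; say so in the comment so that a later switch to removing the attribute is a deliberate test update. With `forms=False` and `safe_attrs_only=False` the test exercises only the javascript-link rewriting path; consider a second assertion against a default `Cleaner()` so the default configuration is covered as well.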