Merge pull request #5236 from asgerf/js/html-invalid-attr-name

Approved by erik-krogh
2026-04-30 19:26:02 +02:00 · 2021-02-23 02:03:29 -08:00
parent 6213c20bc3 b8e1987cad
commit 2551aace89
2 changed files with 16 additions and 0 deletions
--- a/javascript/extractor/src/com/semmle/js/extractor/HTMLExtractor.java
+++ b/javascript/extractor/src/com/semmle/js/extractor/HTMLExtractor.java
@@ -143,6 +143,18 @@ public class HTMLExtractor implements IExtractor {
          }
      }
    }
+
+    @Override
+    public boolean shouldExtractAttributes(Element element) {
+      Attributes attributes = element.getAttributes();
+      if (attributes == null) return false;
+      for (Attribute attr : attributes) {
+        if (!VALID_ATTRIBUTE_NAME.matcher(attr.getName()).matches()) {
+          return false;
+        }
+      }
+      return true;
+    }
  }

  private boolean isAngularTemplateAttributeName(String name) {
@@ -153,6 +165,8 @@ public class HTMLExtractor implements IExtractor {

  private static final Pattern ANGULAR_FOR_LOOP_DECL = Pattern.compile("^ *let +(\\w+) +of(?: +|(?!\\w))(.*)");

+  private static final Pattern VALID_ATTRIBUTE_NAME = Pattern.compile("\\*?\\[?\\(?[\\w:_\\-]+\\]?\\)?");
+
  /** List of HTML attributes whose value is interpreted as JavaScript. */
  private static final Pattern JS_ATTRIBUTE =
      Pattern.compile(
--- a/javascript/ql/test/query-tests/DOM/HTML/DuplicateAttributes.html
+++ b/javascript/ql/test/query-tests/DOM/HTML/DuplicateAttributes.html
@@ -1 +1,3 @@
 <a href="https://semmle.com" href="https://semmle.com">Semmle</a>
+
+<td {% foo %} {% foo %}></td>