blob: 4cfe0ec52cd7e307c59e55d7e19649de930179d6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package Parser;
import testapp.data.ExternalJavascriptItem;
import testapp.data.Item;
import java.util.logging.*;
public class JavascriptParser {
private Item rootNode;
private static final Logger logger = Logger.getLogger(JavascriptParser.class.getName());
public JavascriptParser(Item rootNode) {
this.rootNode=rootNode;
}
public ExternalJavascriptItem parse(String url) {
// Todo: http client to recieve url and put contents into code
String code=new String();
return parseCode(code, url);
}
public ExternalJavascriptItem parseCode(String code, String url) {
// the only evil js code should be
//document.write('<script type="text/javascript" src="'+ jsFile + '"></scr' + 'ipt>');
// => nearly impossible to parse, so we search only for "src" string
// if found, code is marked suspicious
// could be tricked by spliting the string!
//
ExternalJavascriptItem externalJavascriptItem=new ExternalJavascriptItem(url,rootNode);
rootNode.add(externalJavascriptItem);
if(code.contains("src")) {
externalJavascriptItem.setSuspiciousCode();
}
return externalJavascriptItem;
}
}
|
