kmx.io/prism.js

Browse

Commit 537a9e8015c28d516c1eb2ab8cd2aa82c2d2e32c

edukisto 2020-07-05T15:22:39

CSP: Fixed directives (#2461) 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81

diff --git a/components/prism-csp.js b/components/prism-csp.js
index 2c028a1..861f5a0 100644
--- a/components/prism-csp.js
+++ b/components/prism-csp.js
@@ -11,7 +11,7 @@
 
 Prism.languages.csp = {
 	'directive':  {
-		pattern: /\b(?:(?:base-uri|form-action|frame-ancestors|plugin-types|referrer|reflected-xss|report-to|report-uri|require-sri-for|sandbox) |(?:block-all-mixed-content|disown-opener|upgrade-insecure-requests)(?: |;)|(?:child|connect|default|font|frame|img|manifest|media|object|script|style|worker)-src )/i,
+		pattern: /\b(?:base-uri|block-all-mixed-content|(?:child|connect|default|font|frame|img|manifest|media|object|script|style|worker)-src|disown-opener|form-action|frame-ancestors|plugin-types|referrer|reflected-xss|report-to|report-uri|require-sri-for|sandbox|upgrade-insecure-requests)\b/i,
 		alias: 'keyword'
 	},
 	'safe': {
diff --git a/components/prism-csp.min.js b/components/prism-csp.min.js
index ce8999f..b07a47a 100644
--- a/components/prism-csp.min.js
+++ b/components/prism-csp.min.js
@@ -1 +1 @@
-Prism.languages.csp={directive:{pattern:/\b(?:(?:base-uri|form-action|frame-ancestors|plugin-types|referrer|reflected-xss|report-to|report-uri|require-sri-for|sandbox) |(?:block-all-mixed-content|disown-opener|upgrade-insecure-requests)(?: |;)|(?:child|connect|default|font|frame|img|manifest|media|object|script|style|worker)-src )/i,alias:"keyword"},safe:{pattern:/'(?:self|none|strict-dynamic|(?:nonce-|sha(?:256|384|512)-)[a-zA-Z\d+=/]+)'/,alias:"selector"},unsafe:{pattern:/(?:'unsafe-inline'|'unsafe-eval'|'unsafe-hashed-attributes'|\*)/,alias:"function"}};
\ No newline at end of file
+Prism.languages.csp={directive:{pattern:/\b(?:base-uri|block-all-mixed-content|(?:child|connect|default|font|frame|img|manifest|media|object|script|style|worker)-src|disown-opener|form-action|frame-ancestors|plugin-types|referrer|reflected-xss|report-to|report-uri|require-sri-for|sandbox|upgrade-insecure-requests)\b/i,alias:"keyword"},safe:{pattern:/'(?:self|none|strict-dynamic|(?:nonce-|sha(?:256|384|512)-)[a-zA-Z\d+=/]+)'/,alias:"selector"},unsafe:{pattern:/(?:'unsafe-inline'|'unsafe-eval'|'unsafe-hashed-attributes'|\*)/,alias:"function"}};
\ No newline at end of file
diff --git a/tests/languages/csp/directive_no_value_feature.test b/tests/languages/csp/directive_no_value_feature.test
index 5ae927d..a45d608 100644
--- a/tests/languages/csp/directive_no_value_feature.test
+++ b/tests/languages/csp/directive_no_value_feature.test
@@ -3,7 +3,8 @@ upgrade-insecure-requests;
 ----------------------------------------------------
 
 [
-	["directive", "upgrade-insecure-requests;"]
+	["directive", "upgrade-insecure-requests"],
+	";"
 ]
 
 ----------------------------------------------------
diff --git a/tests/languages/csp/directive_with_source_expression_feature.test b/tests/languages/csp/directive_with_source_expression_feature.test
index fc059f4..a4db6cd 100644
--- a/tests/languages/csp/directive_with_source_expression_feature.test
+++ b/tests/languages/csp/directive_with_source_expression_feature.test
@@ -3,8 +3,8 @@ script-src example.com;
 ----------------------------------------------------
 
 [
-	["directive", "script-src "],
-	"example.com;"
+	["directive", "script-src"],
+	" example.com;"
 ]
 
 ----------------------------------------------------
diff --git a/tests/languages/csp/safe_feature.test b/tests/languages/csp/safe_feature.test
index af31d1a..13c9d83 100644
--- a/tests/languages/csp/safe_feature.test
+++ b/tests/languages/csp/safe_feature.test
@@ -3,10 +3,10 @@ default-src 'none'; style-src 'self' 'strict-dynamic' 'nonce-yeah' 'sha256-EpOpN
 ----------------------------------------------------
 
 [
-	["directive", "default-src "],
+	["directive", "default-src"],
 	["safe", "'none'"],
 	"; ",
-	["directive", "style-src "],
+	["directive", "style-src"],
 	["safe", "'self'"],
 	["safe", "'strict-dynamic'"],
 	["safe", "'nonce-yeah'"],
diff --git a/tests/languages/csp/unsafe_feature.test b/tests/languages/csp/unsafe_feature.test
index 1fe7e47..e1cf98a 100644
--- a/tests/languages/csp/unsafe_feature.test
+++ b/tests/languages/csp/unsafe_feature.test
@@ -3,7 +3,7 @@ script-src 'unsafe-inline' 'unsafe-eval' 'unsafe-hashed-attributes';
 ----------------------------------------------------
 
 [
-	["directive", "script-src "],
+	["directive", "script-src"],
 	["unsafe", "'unsafe-inline'"],
 	["unsafe", "'unsafe-eval'"],
 	["unsafe", "'unsafe-hashed-attributes'"],
kmx.io     mail     discord kmxgit v0.4.0