Extra checks on css

2020-11-15 11:01:05 +00:00 · 2020-11-15 11:01:05 +00:00 · 9726a63c33
parent 1f1cbd3eea
commit 9726a63c33
2 changed files with 23 additions and 17 deletions
--- a/content.py
+++ b/content.py
@ -181,6 +181,28 @@ def dangerousMarkup(content: str) -> bool:
    return False


+def dangerousCSS(filename: str) -> bool:
+    """Returns true is the css file contains code which
+    can create security problems
+    """
+    if not os.path.isfile(filename):
+        return False
+
+    with open(filename, 'r') as fp:
+        content = fp.read()
+
+        cssMatches = ('behavior:', ':expression', '?php')
+        for match in cssMatches:
+            if match in content:
+                return True
+
+        # an attacker can include html inside of the css
+        # file as a comment and this may then be run from the html
+        if dangerousMarkup(content):
+            return True
+    return False
+
+
 def switchWords(baseDir: str, nickname: str, domain: str, content: str) -> str:
    """Performs word replacements. eg. Trump -> The Orange Menace
    """
--- a/theme.py
+++ b/theme.py
@ -10,23 +10,7 @@ import os
 from utils import loadJson
 from utils import saveJson
 from shutil import copyfile
-
-
-def dangerousCSS(filename: str) -> bool:
-    """Returns true is the css file contains code which
-    can create security problems
-    """
-    if not os.path.isfile(filename):
-        return False
-
-    with open(filename, 'r') as fp:
-        css = fp.read()
-
-        cssMatches = ('behavior')
-        for match in cssMatches:
-            if match in css:
-                return True
-    return False
+from content import dangerousCSS


 def getThemeFiles() -> []: