1.65b: dictionary & CSS MIME sniffing improvements
- Relaxed MIME matching on claimed CSS/JS that fails MIME sniffing logic. - Proper detection of @media in CSS.
This commit is contained in:
parent
ce8e52b8fb
commit
5b119c8e7f
|
@ -1,3 +1,10 @@
|
||||||
|
Version 1.65b:
|
||||||
|
--------------
|
||||||
|
|
||||||
|
- Relaxed MIME matching on claimed CSS/JS that fails MIME sniffing logic.
|
||||||
|
|
||||||
|
- Proper detection of @media in CSS.
|
||||||
|
|
||||||
Version 1.64b:
|
Version 1.64b:
|
||||||
--------------
|
--------------
|
||||||
|
|
||||||
|
|
2
Makefile
2
Makefile
|
@ -20,7 +20,7 @@
|
||||||
#
|
#
|
||||||
|
|
||||||
PROGNAME = skipfish
|
PROGNAME = skipfish
|
||||||
VERSION = 1.64b
|
VERSION = 1.65b
|
||||||
|
|
||||||
OBJFILES = http_client.c database.c crawler.c analysis.c report.c
|
OBJFILES = http_client.c database.c crawler.c analysis.c report.c
|
||||||
INCFILES = alloc-inl.h string-inl.h debug.h types.h http_client.h \
|
INCFILES = alloc-inl.h string-inl.h debug.h types.h http_client.h \
|
||||||
|
|
11
analysis.c
11
analysis.c
|
@ -1066,9 +1066,10 @@ static u8 is_css(struct http_response* res) {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* @import or @charset is a clear indicator of CSS. */
|
/* @import, @media, or @charset is a clear indicator of CSS. */
|
||||||
|
|
||||||
if (*text == '@' && (!strncasecmp((char*)text + 1, "import", 6) ||
|
if (*text == '@' && (!strncasecmp((char*)text + 1, "import", 6) ||
|
||||||
|
!strncasecmp((char*)text + 1, "media", 5) ||
|
||||||
!strncasecmp((char*)text + 1, "charset", 7))) {
|
!strncasecmp((char*)text + 1, "charset", 7))) {
|
||||||
res->css_type = 2;
|
res->css_type = 2;
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -1562,7 +1563,7 @@ void content_checks(struct http_request* req, struct http_response* res) {
|
||||||
|
|
||||||
if (*tmp == '<') {
|
if (*tmp == '<') {
|
||||||
u8* tag_name;
|
u8* tag_name;
|
||||||
u32 len = strcspn((char*)++tmp, "> \t\r\n"), space_len;
|
u32 len = strcspn((char*)++tmp, ">= \t\r\n"), space_len;
|
||||||
u8 remote_script = 0;
|
u8 remote_script = 0;
|
||||||
|
|
||||||
/* Skip comments where possible. */
|
/* Skip comments where possible. */
|
||||||
|
@ -1809,9 +1810,13 @@ binary_checks:
|
||||||
value... and also failed to sniff.
|
value... and also failed to sniff.
|
||||||
|
|
||||||
Mismatch between MIME_ASC_HTML and MIME_XML_XHTML is not worth
|
Mismatch between MIME_ASC_HTML and MIME_XML_XHTML is not worth
|
||||||
complaining about, too. */
|
complaining about; the same about JS or CSS responses being
|
||||||
|
sniffed as "unknown ASCII". */
|
||||||
|
|
||||||
if (res->sniff_mime_id != res->decl_mime_id &&
|
if (res->sniff_mime_id != res->decl_mime_id &&
|
||||||
|
!((res->decl_mime_id == MIME_ASC_JAVASCRIPT ||
|
||||||
|
res->decl_mime_id == MIME_ASC_CSS) &&
|
||||||
|
res->sniff_mime_id == MIME_ASC_GENERIC) &&
|
||||||
!(res->decl_mime_id == MIME_ASC_HTML &&
|
!(res->decl_mime_id == MIME_ASC_HTML &&
|
||||||
res->sniff_mime_id == MIME_XML_XHTML) &&
|
res->sniff_mime_id == MIME_XML_XHTML) &&
|
||||||
!(res->decl_mime_id == MIME_XML_XHTML &&
|
!(res->decl_mime_id == MIME_XML_XHTML &&
|
||||||
|
|
1
config.h
1
config.h
|
@ -231,6 +231,7 @@ static const char* form_suggestion[][2] = {
|
||||||
{ "user" , "skipfish" },
|
{ "user" , "skipfish" },
|
||||||
{ "nick" , "skipfish" },
|
{ "nick" , "skipfish" },
|
||||||
{ "pass" , "skipfish" },
|
{ "pass" , "skipfish" },
|
||||||
|
{ "pwd" , "skipfish" },
|
||||||
{ "year" , "2010" },
|
{ "year" , "2010" },
|
||||||
{ "card" , "4111111111111111" }, /* Reserved */
|
{ "card" , "4111111111111111" }, /* Reserved */
|
||||||
{ "code" , "000" },
|
{ "code" , "000" },
|
||||||
|
|
|
@ -1221,6 +1221,7 @@ w 1 1 1 online
|
||||||
w 1 1 1 op
|
w 1 1 1 op
|
||||||
w 1 1 1 open
|
w 1 1 1 open
|
||||||
w 1 1 1 openbsd
|
w 1 1 1 openbsd
|
||||||
|
w 1 1 1 opencart
|
||||||
w 1 1 1 opendir
|
w 1 1 1 opendir
|
||||||
w 1 1 1 openejb
|
w 1 1 1 openejb
|
||||||
w 1 1 1 openjpa
|
w 1 1 1 openjpa
|
||||||
|
@ -1986,6 +1987,7 @@ w 1 1 1 zboard
|
||||||
w 1 1 1 zencart
|
w 1 1 1 zencart
|
||||||
w 1 1 1 zend
|
w 1 1 1 zend
|
||||||
w 1 1 1 zero
|
w 1 1 1 zero
|
||||||
|
w 1 1 1 zimbra
|
||||||
w 1 1 1 zipfiles
|
w 1 1 1 zipfiles
|
||||||
w 1 1 1 zips
|
w 1 1 1 zips
|
||||||
w 1 1 1 zoom
|
w 1 1 1 zoom
|
||||||
|
|
|
@ -1209,6 +1209,7 @@ w 1 1 1 online
|
||||||
w 1 1 1 op
|
w 1 1 1 op
|
||||||
w 1 1 1 open
|
w 1 1 1 open
|
||||||
w 1 1 1 openbsd
|
w 1 1 1 openbsd
|
||||||
|
w 1 1 1 opencart
|
||||||
w 1 1 1 opendir
|
w 1 1 1 opendir
|
||||||
w 1 1 1 openejb
|
w 1 1 1 openejb
|
||||||
w 1 1 1 openjpa
|
w 1 1 1 openjpa
|
||||||
|
@ -1985,6 +1986,7 @@ w 1 1 1 zboard
|
||||||
w 1 1 1 zencart
|
w 1 1 1 zencart
|
||||||
w 1 1 1 zend
|
w 1 1 1 zend
|
||||||
w 1 1 1 zero
|
w 1 1 1 zero
|
||||||
|
w 1 1 1 zimbra
|
||||||
w 1 1 1 zipfiles
|
w 1 1 1 zipfiles
|
||||||
w 1 1 1 zips
|
w 1 1 1 zips
|
||||||
w 1 1 1 zoom
|
w 1 1 1 zoom
|
||||||
|
|
|
@ -1192,6 +1192,7 @@ w 1 1 1 online
|
||||||
w 1 1 1 op
|
w 1 1 1 op
|
||||||
w 1 1 1 open
|
w 1 1 1 open
|
||||||
w 1 1 1 openbsd
|
w 1 1 1 openbsd
|
||||||
|
w 1 1 1 opencart
|
||||||
w 1 1 1 opendir
|
w 1 1 1 opendir
|
||||||
w 1 1 1 openejb
|
w 1 1 1 openejb
|
||||||
w 1 1 1 openjpa
|
w 1 1 1 openjpa
|
||||||
|
@ -1982,6 +1983,7 @@ w 1 1 1 zboard
|
||||||
w 1 1 1 zencart
|
w 1 1 1 zencart
|
||||||
w 1 1 1 zend
|
w 1 1 1 zend
|
||||||
w 1 1 1 zero
|
w 1 1 1 zero
|
||||||
|
w 1 1 1 zimbra
|
||||||
w 1 1 1 zipfiles
|
w 1 1 1 zipfiles
|
||||||
w 1 1 1 zips
|
w 1 1 1 zips
|
||||||
w 1 1 1 zoom
|
w 1 1 1 zoom
|
||||||
|
|
Loading…
Reference in New Issue