CN112883688A - Rich text filtering method, rich text filtering device and computer readable storage medium - Google Patents

Publication number
CN112883688A
Authority
CN
China
Legal status
Pending
Application number
CN201911200307.5A
Other languages
Chinese (zh)
Inventor
郭望纾
Current Assignee
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • G06F21/563 Static detection by source code analysis

Abstract

The invention provides a rich text filtering method, a rich text filtering device and a computer readable storage medium. The rich text filtering method includes the steps of obtaining a character string of a rich text, parsing the character string into objects including tag data and content, traversing the object nodes, filtering the tag data when the currently traversed object node is tag data, escaping the content when the currently traversed object node is content, and, after all the object nodes are traversed, recombining the objects resulting from the tag data filtering and the content escaping into a character string representing the rich text.

Description

Rich text filtering method, rich text filtering device and computer readable storage medium
Technical Field
The invention relates to the field of security, and discloses a technology for protecting rich text against cross-site scripting (XSS) attacks.
Background
Unlike ordinary text input, rich text editors allow users to embed tags and styles to provide rich formatting, making text output more aesthetically pleasing and hierarchical.
At present, most ways of preventing cross-site scripting attacks rely on tag filtering, on blacklists that remove keywords, or on character escaping, and no systematic defense against cross-site scripting attacks aimed at rich text is provided.
The existing methods for preventing cross-site scripting attacks have the following problems: for rich text, escaping the text directly loses the rich text effect; single and double quotation marks are generally not escaped, which attackers may be able to exploit; in addition, tag filtering is mostly blacklist filtering, which may be bypassed.
Disclosure of Invention
To address these problems, the invention provides a rich text filtering method that filters cross-site scripting attacks aimed at rich text while keeping the style and content of the rich text.
According to one aspect of the present invention, a rich text filtering method is provided, wherein a character string of a rich text is obtained, the character string is parsed into objects including tag data and content, and the object nodes are traversed; when the currently traversed object node is tag data, the tag data is filtered, and when the currently traversed object node is content, the content is escaped; after all the object nodes have been traversed, the objects resulting from the tag data filtering and the content escaping are recombined into a character string representing the rich text.
Preferably, when the character string is parsed into an object including tag data and content, the character string that does not conform to the rich text syntax is deleted.
Preferably, a tag white list is preset, and the filtering of the tag data includes: filtering the tags in the tag data so as to retain the tag data of tags that exist in the tag white list and delete the tag data of tags that do not exist in the tag white list.
Preferably, an attribute white list is preset, and when the tag data after filtering the tag data includes an attribute, the attribute is filtered to retain the attribute existing in the attribute white list and the value of the attribute, and the attribute not existing in the attribute white list and the value of the attribute are deleted.
Preferably, rules indicating values of the attributes are set in advance, and values of the attributes that do not meet the rules indicating the values of the attributes are deleted from the values of the retained attributes.
Preferably, when the tag data after filtering the tag data includes a content, the content is escaped.
Preferably, the escaping of the content includes: escaping the symbols in the content that can be parsed and executed by a browser.
According to another aspect of the present invention, there is provided a rich text filtering apparatus including: an acquisition unit that acquires a character string of a rich text; a parsing unit that parses the character string into an object including tag data and content; a filtering unit that filters the tag data included in the object parsed by the parsing unit; a content escaping unit that escapes the content included in the object parsed by the parsing unit; and a recombination unit that recombines the object filtered by the filtering unit and the object whose content was escaped by the content escaping unit into a character string representing the rich text.
Preferably, the parsing unit deletes a character string that does not conform to the rich text grammar when parsing the character string into an object including tag data and content.
Preferably, the rich text filtering device further includes: a tag white list storage unit configured to store a tag white list, wherein the filtering unit includes: a first filtering unit, configured to filter tags included in the tag data to retain tag data where the tags existing in the tag white list are located, and delete the tag data where the tags not existing in the tag white list are located.
Preferably, the rich text filtering device further includes: an attribute white list storage unit configured to store an attribute white list, the filtering unit including: a second filtering unit configured to, when the filtered tag data includes an attribute, filter the attribute so as to retain the attribute and its value if the attribute exists in the attribute white list, and delete the attribute and its value if the attribute does not exist in the attribute white list.
Preferably, the filtering unit comprises: a third filtering unit configured to retain, from the values of the attributes retained by the second filtering unit, the values that satisfy the rule indicating the value of the attribute, and delete the values that do not satisfy that rule.
Preferably, the content escaping unit escapes the content when the tag data after filtering the tag data includes the content.
Preferably, the content escaping unit escapes the symbols in the content that can be parsed and executed by a browser.
According to a further aspect of the invention, a computer-readable storage medium is provided, on which a computer program is stored which, when being executed by a processor, carries out the steps of the rich text filtering method described above.
According to the method and the device, rich text filtering is executed automatically when the server side obtains the rich text, and cross-site scripting attacks aimed at the rich text are filtered while the rich text style and content are preserved. In addition, the filtering can be customized by adding user-defined rules through modification of the white lists.
The rich text filtering method provided by the invention solves problems of existing blacklists, such as the large number of policies they require, the need to update those policies frequently, the inability to defend in advance, and compatibility with rich text strings. It can be deployed by modifying the receiving function code on the server side of the rich text editor, or by binding the function code to the receiving function as a hook, so that cross-site scripting attacks in the rich text string are filtered and the security of the website or application is improved.
Drawings
Fig. 1 shows a flowchart of a rich text filtering method according to an embodiment of the present invention.
Fig. 2 illustrates a specific embodiment of a rich text filtering method.
Fig. 3 shows an example of the structure of the parsed object.
Fig. 4 is a block diagram of a rich text filtering apparatus according to an embodiment of the present invention.
FIG. 5 illustrates an example of XSS attack code.
FIG. 6 shows the code resulting from rich text string parsing of XSS attack code.
FIG. 7 illustrates the resulting code after filtering the tags and attributes.
FIG. 8 shows code after content escaping from code resulting from filtering tags and attributes.
FIG. 9 shows the resulting code after further filtering of the values of the attributes.
Detailed Description
Embodiments for implementing the present invention are described in detail below with reference to the accompanying drawings.
Fig. 1 shows a flowchart of a rich text filtering method according to an embodiment of the present invention.
In step S1, a character string of the rich text is acquired.
In step S2, the character string is parsed into objects including tag data and content.
The tag data at least includes a tag, and the tag data may further include an attribute and/or content, and the attribute may include a value of the attribute.
When the character string is parsed, the parsing is performed according to the rich text grammar. The method of parsing the character string is not limited, and an existing parsing method may be used, for example, parsing may be performed according to HTML syntax. For example, the rich text string may be parsed into objects including tag data and content by referring to rules for parsing the rich text string by the browser and simulating a parsing scheme of the browser.
In a preferred embodiment, when parsing a character string, the part that cannot be parsed may be directly filtered, i.e., a character string that does not conform to the rich text grammar may be deleted. In this way, malicious content that an attacker intentionally writes outside the rules may be filtered.
Step S3, the object node is traversed, and if the object node is the tag data, the process proceeds to step S4, and if the object node is the content, the process proceeds to step S5.
Step S4, filtering is performed on the tag data included in the object.
In step S4, the tags in the tag data are filtered first. In an embodiment of the present invention, the tags are filtered by means of a white list. Specifically, for example, a tag white list is set in advance, tags existing in the tag white list are retained, and tags not existing in the tag white list are deleted. If the tag data includes attributes or content in addition to the tag, then when a tag that does not exist in the tag white list is deleted, the attributes and content in the tag data in which the tag is located are also deleted.
When the tag data includes attributes in addition to the tags, the attributes are further filtered after the tags are filtered. In the embodiment of the present invention, the attribute may also be filtered by a white list. Specifically, the attribute white list is preset, the attributes existing in the attribute white list are retained, and the attributes not existing in the attribute white list are deleted. When an attribute that does not exist in the attribute whitelist is deleted, the value of the attribute is also deleted.
After filtering the attribute, the value of the attribute needs to be further filtered. In the embodiment of the present invention, a rule indicating a value of an attribute is set in advance, and if the value of the attribute conforms to the rule indicating the value of the attribute, the value of the attribute is retained, and if the value of the attribute does not conform to the rule indicating the value of the attribute, the value of the attribute is deleted.
The tag whitelist and the attribute whitelist may be default lists or user-defined lists. The form of the tag whitelist and the attribute whitelist is not limited, and may be a whitelist rule tree.
Through the above steps, malicious content that attacks by means of tags and attributes can be filtered out.
When the tag data includes content in addition to the tag, the content is escaped after the tag is filtered. The escape method for the content included in the tag data is the same as the escape method for the content other than the tag data in step S5, and the description thereof is omitted here.
Step S5, content escaping is performed for the content included in the object.
When the content is escaped, the symbols in the content that can be parsed and executed by the browser (for example, special characters including single and double quotation marks) are escaped.
The character content in the rich text object does not need to be parsed by the browser, so special characters in the content, including single and double quotation marks, are forcibly escaped. This ensures that the attack portion of the content cannot be parsed by the browser while the content is still output accurately.
In step S6, the objects after filtering the tag data and escaping the content are recombined into a rich text string. In step S6, the combination is performed in a manner corresponding to the analysis method in step S2.
Of course, before recombining the rich text strings, the objects obtained after filtering the tag data and performing content escaping for the content may be further filtered to remove the malicious content generated by re-splicing after the filtering of the previous step, so as to prevent the cross-site scripting attack that cannot be solved by the step S4.
By the rich text filtering method, the filtering is automatically executed when the server side obtains the rich text, and the cross-site scripting attack aiming at the rich text is filtered while the rich text style and content are kept.
In addition, in the present invention, the order of filtering the attributes and escaping the content is not limited, and the two may be performed in parallel, or the attributes may be filtered first and then the content may be escaped.
In addition, in the present invention, the values of the attributes may be filtered after all the attributes are filtered, or the values of the corresponding attributes may be filtered while filtering each attribute. In addition, the order of filtering the value of the attribute and the order of escaping the content are not limited, and the two may be performed in parallel, or the value of the attribute may be filtered first and then the content may be escaped, or the content may be escaped first and then the value of the attribute may be filtered.
Fig. 2 illustrates a specific embodiment of a rich text filtering method.
In step S201, a rich text string is acquired.
Step S202, the character string is analyzed into an object.
When the character string is analyzed, the part which cannot be analyzed can be directly filtered, namely the character string which does not accord with the rich text grammar can be deleted.
In this embodiment, the analyzed object structure can be represented as shown in fig. 3, for example.
Step S203, the object node is traversed.
Step S204, determining whether the currently traversed node is a tag; if yes, proceeding to step S205, otherwise proceeding to step S207.
Step S205, determining whether the tag exists in the tag white list; if yes, proceeding to step S203 to continue traversing the next object node, otherwise proceeding to step S206.
In step S206, the tag node is deleted, and then the process proceeds to step S203 to continue traversing the next object node. When a tag node is deleted, the attributes and content associated with the tag are also deleted.
Step S207, determining whether the current traversal node is an attribute, if yes, proceeding to step S208, otherwise, proceeding to step S2012.
Step S208, determining whether the attribute exists in the attribute white list; if yes, proceeding to step S2010, otherwise proceeding to step S209.
In step S209, the attribute node is deleted, and then the process proceeds to step S203 to continue traversing the next object node. When an attribute node is deleted, the attribute value of the attribute is also deleted.
Step S2010, determining whether the attribute value of the attribute meets a predetermined rule, if yes, proceeding to step S203, and continuing to traverse the next object node, otherwise, proceeding to step S2011. Wherein the predetermined rule is a rule indicating an attribute value of the attribute.
In step S2011, the attribute value is deleted, and then the process proceeds to step S203 to continue traversing the next object node.
Step S2012, determine whether the current traversal node is content, if yes, go to step S2013, otherwise go to step S2015.
Step S2013, determine whether the current content is a child node, if yes, go to step S203, continue traversing the child node, otherwise go to step S2014.
In step S2014, the content is escaped: the symbols in the content that can be parsed and executed by the browser (for example, special characters including single and double quotation marks) are escaped.
Step S2015, determining whether all object nodes have been traversed, if yes, proceeding to step S2016, otherwise proceeding to step S203, and continuing to traverse the next object node.
In step S2016, the objects obtained after all the object nodes are traversed are recombined into a rich text string.
The embodiment shown in fig. 2 is an example of implementing the rich text filtering method, and the order of the steps of the rich text filtering method is not limited to the order shown in fig. 2.
Fig. 4 is a block diagram of a rich text filtering apparatus according to an embodiment of the present invention.
As shown in fig. 4, the rich text filtering apparatus 400 may include a processing circuit 401, and the processing circuit 401 is configured to execute the flow of the rich text filtering method according to the embodiment of the present invention. For example, the processing circuit 401 may include: an acquisition unit B1 that acquires a character string of a rich text; a parsing unit B2 that parses the character string into an object including tag data and content; a filtering unit B3 that filters the tag data included in the object parsed by the parsing unit B2; a content escaping unit B4 that escapes the content included in the object parsed by the parsing unit B2; and a recombination unit B5 that recombines the objects filtered by the filtering unit B3 and the objects whose content was escaped by the content escaping unit B4 into a character string representing the rich text.
The parsing unit B2 deletes a character string that does not conform to the rich text syntax when parsing the character string into an object including tag data and content.
The rich text filtering apparatus 400 further includes: a tag white list storing unit 402, configured to store a tag white list; an attribute white list storage unit 403, configured to store an attribute white list. In the present embodiment, the white list holding means is divided into the tag white list holding means and the attribute white list holding means, but the tag white list and the attribute white list may be held in one holding means.
The filtering unit B3 may further include: a first filtering unit B31 that filters the tags included in the tag data so as to retain the tag data of tags existing in the tag whitelist and delete the tag data of tags not existing in the tag whitelist; a second filtering unit B32 that, when the filtered tag data includes an attribute, filters the attribute so as to retain the attribute and its value if the attribute exists in the attribute white list, and delete the attribute and its value if it does not; and a third filtering unit B33 that retains, from the values of the attributes retained by the second filtering unit B32, the values that meet the rule indicating the value of the attribute, and deletes the values that do not meet that rule.
When the tag data after being filtered contains a content, the content escaping unit B4 escapes the content. The content escaping unit B4 escapes symbols in the content that can be parsed and executed by the browser.
It should be noted that the processing circuit 401 of the rich text filtering device may refer to various implementations of digital circuitry, analog circuitry, or mixed signal (a combination of analog and digital) circuitry that perform functions in a computing system. The processing circuitry may include, for example, circuitry such as an Integrated Circuit (IC), an Application Specific Integrated Circuit (ASIC), portions or circuits of an individual processor core, an entire processor core, an individual processor, a programmable hardware device such as a Field Programmable Gate Array (FPGA), and/or a system including multiple processors.
In some embodiments, the rich text filtering device may further comprise a memory (not shown). The memory of the rich text filtering device may store information generated by the processing circuit as well as programs and data for the operation of the processing circuit. The memory may be volatile memory and/or non-volatile memory. For example, the memory may include, but is not limited to, Random Access Memory (RAM), Dynamic Random Access Memory (DRAM), Static Random Access Memory (SRAM), Read Only Memory (ROM), and flash memory.
In addition, the rich text filtering means may be implemented at a chip level, or may also be implemented at a device level by including other external components.
It should be understood that the units shown in the processing circuit 401 of the rich text filtering device are only logic modules divided according to the specific functions implemented, and are not used to limit the specific implementation manner. In actual implementation, the above units may be implemented as separate physical entities, or may be implemented by a single entity (e.g., a processor (CPU or DSP, etc.), an integrated circuit, etc.).
As will be appreciated by one skilled in the art, the present invention may be embodied as a system, apparatus, method, or computer-readable medium as a computer program product. Accordingly, the present invention may be embodied in various forms, such as an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-program code, etc.) or an embodiment combining software and hardware aspects that may all generally be referred to herein as a "circuit," "module" or "system." Furthermore, the present invention may also be embodied as a computer program product in any tangible medium having computer usable program code stored thereon.
The present invention is described with reference to flowchart illustrations and/or block diagrams of systems, apparatuses, methods and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and any combination of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be executed by a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, implement the functions or acts specified in the flowchart and/or block diagram block or blocks.
Flowcharts and block diagrams of the architecture, functionality, and operation that may be implemented by the systems, devices, methods and computer program products according to various embodiments of the present invention are shown in the accompanying drawings. Accordingly, each block in the flowchart or block diagrams may represent a module, segment, or portion of program code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in the drawings may be executed substantially concurrently, or in some cases, in the reverse order from the drawing depending on the functions involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
An example of filtering XSS attack code is given below. FIG. 5 illustrates an example of XSS attack code. In this example, the attack code spans lines 1 to 25.
FIG. 6 shows the code resulting from rich text string parsing of the XSS attack code. In this example, lines 1 to 6, 24, and 25 in fig. 5 are written outside the outermost tags and are therefore considered not to conform to the rich text grammar, and line 22 in fig. 5 is considered not to conform to the rich text grammar because it is not a valid rich text expression. Lines 1 to 6, 22, 24, and 25 in fig. 5 are therefore deleted when the rich text string is parsed, and the code shown in fig. 6 is obtained.
In the present example, the content written outside the outermost tag is regarded as not conforming to the rich text grammar and is deleted when the rich text string is parsed. However, it is also possible, when the rich text string is parsed, to delete only the content that does not conform to the rich text grammar, and to keep the content written outside the outermost tag and escape it instead of deleting it, so that the attack portion of the content written outside the outermost tag is not parsed by the browser.
In this example, the tag whitelist includes tags such as body, a, div, img, ..., and the attribute whitelist includes attributes such as href, style, src, class, ....
Fig. 7 shows the code resulting from filtering the tags and attributes based on the above-described tag whitelist and attribute whitelist.
FIG. 8 shows the code after content escaping is applied to the code resulting from filtering the tags and attributes. As shown in fig. 8, the double quotation marks in line 3 of fig. 7 are escaped by the content escaping.
FIG. 9 shows the resulting code after further filtering of the values of the attributes. In this example, javascript:alert(3), vbscript:MsgBox(5) and expression(alert(7)) do not conform to the rule for attribute values and are thus deleted.
In the above example, the content is escaped after the tags and the attributes are filtered, and the values of the attributes are filtered last, but the order is not limited to this, and the content may instead be escaped after the tags, the attributes and the values of the attributes have all been filtered.
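The flow of Fig. 1 (steps S1 to S6) and the worked example above, as a runnable sketch. This is an added example, not code from the patent or its figures: it uses Python's standard html.parser as the parsing step, takes the tag and attribute names from the white lists quoted above, and assumes its own attribute value rules, void-tag list and sample input, since the patent's rules and Figs. 5 to 9 are not reproduced on this page. Content outside any tag is escaped rather than deleted, and when the value rule fails the value is emptied while the attribute is kept.

```python
import html
import re
from html.parser import HTMLParser

# White lists built from the tag and attribute names the text lists.
TAG_WHITELIST = {"body", "a", "div", "img"}
ATTR_WHITELIST = {"href", "style", "src", "class"}
VOID_TAGS = {"img", "br", "hr", "input", "meta", "link"}  # have no end tag

# Assumed value rules; the text does not spell out its own.
URL_RULE = re.compile(r"(?:https?://|/|#)[\w\-./?=&%#:+~]*", re.I)
CLASS_RULE = re.compile(r"[\w\- ]+")
STYLE_DECL = re.compile(r"[a-z\-]+\s*:\s*[\w#%.,\- ]+", re.I)


def value_allowed(attr, value):
    """Attribute value rule, applied to the entity-decoded value."""
    if attr in ("href", "src"):
        return URL_RULE.fullmatch(value) is not None
    if attr == "class":
        return CLASS_RULE.fullmatch(value) is not None
    # style: every declaration must be a plain "property: value" pair,
    # so anything containing parentheses or a scheme is rejected.
    decls = [d.strip() for d in value.split(";") if d.strip()]
    return bool(decls) and all(STYLE_DECL.fullmatch(d) for d in decls)


class NodeParser(HTMLParser):
    """S2: string -> flat list of tag and content nodes.

    Comments, doctypes and processing instructions have no handler
    here, so they never become nodes and are deleted."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.nodes = []

    def handle_starttag(self, tag, attrs):
        self.nodes.append(("start", tag, attrs))

    def handle_endtag(self, tag):
        self.nodes.append(("end", tag, None))

    def handle_data(self, data):
        self.nodes.append(("text", data, None))


def filter_rich_text(source):
    """S1-S6: parse, filter tags/attributes/values, escape, recombine."""
    parser = NodeParser()
    parser.feed(source)
    parser.close()
    out, open_tags, skipped = [], [], []
    for kind, name, attrs in parser.nodes:            # S3: traverse
        if kind == "text":
            if not skipped:                           # S5: escape content
                out.append(html.escape(name, quote=True))
        elif kind == "start":
            if skipped or name not in TAG_WHITELIST:  # S4: tag white list
                if name not in VOID_TAGS:
                    skipped.append(name)  # drop the tag with its content
                continue
            kept = []
            for attr, value in attrs:
                if attr not in ATTR_WHITELIST:        # attribute white list
                    continue
                value = value or ""
                if not value_allowed(attr, value):
                    value = ""            # value deleted, attribute kept
                kept.append(' %s="%s"' % (attr, html.escape(value, quote=True)))
            out.append("<%s%s>" % (name, "".join(kept)))
            if name not in VOID_TAGS:
                open_tags.append(name)
        elif skipped:                     # end tag inside a dropped subtree
            if name in skipped:
                while skipped.pop() != name:
                    pass
        elif name in open_tags:           # stray end tags are deleted
            while True:
                closed = open_tags.pop()
                out.append("</%s>" % closed)
                if closed == name:
                    break
    while open_tags:                      # S6: close what is still open
        out.append("</%s>" % open_tags.pop())
    return "".join(out)


# Constructed sample input (not Fig. 5), reusing the values quoted above.
SAMPLE = (
    '<script>alert(1)</script>'
    '<div class="note" onclick="alert(2)">'
    '<a href="javascript:alert(3)">link</a>'
    '<a href="https://example.com/page">ok</a>'
    '<img src="vbscript:MsgBox(5)">'
    '<div style="width: expression(alert(7))">He said "hi" & left</div>'
    '</div>'
)

if __name__ == "__main__":
    print(filter_rich_text(SAMPLE))
```

Because the value rule runs on the value after the parser has decoded character references, an entity-encoded scheme in href or src is rejected the same way as the literal one.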
Having described embodiments of the present invention, the foregoing description is intended to be exemplary, not exhaustive, and not limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terminology used herein is chosen in order to best explain the principles of the embodiments, the practical application, or technical improvements to the market technology, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein.

Claims (17)

1. A rich text filtering method is characterized in that,
a character string of the rich text is obtained,
the character string is parsed into objects including tag data and content,
traversing the object nodes, filtering the tag data when the currently traversed object node is tag data, and escaping the content when the currently traversed object node is content,
and after traversing all object nodes, recombining the objects resulting from filtering the tag data and escaping the content into a character string representing the rich text.
2. The rich text filtering method of claim 1,
when the character string is parsed into an object including tag data and content, the character string that does not conform to the rich text grammar is deleted.
3. The rich text filtering method of claim 1,
a tag white list is set in advance,
filtering the tag data includes: filtering the tags in the tag data so as to retain the tag data of tags that exist in the tag white list and delete the tag data of tags that do not exist in the tag white list.
4. The rich text filtering method according to any one of claims 1 to 3,
the attribute white list is set in advance,
and when the filtered tag data comprises an attribute, filtering the attribute so as to retain the attribute and its value if the attribute exists in the attribute white list, and delete the attribute and its value if the attribute does not exist in the attribute white list.
5. The rich text filtering method of claim 4,
a rule indicating the value of the attribute is set in advance,
deleting the value of the attribute which does not conform to the rule representing the value of the attribute from the values of the retained attributes.
6. The rich text filtering method according to any one of claims 1 to 3,
when the label data after filtering the label data comprises content, performing escaping on the content.
7. The rich text filtering method of claim 1,
escaping from the content comprises: and escaping the symbols in the content, which can be analyzed and executed by a browser.
8. The rich text filtering method of claim 6,
escaping from the content comprises: and escaping the symbols in the content, which can be analyzed and executed by a browser.
9. A rich text filtering device, comprising:
an acquisition unit that acquires a character string of a rich text;
a parsing unit that parses the character string into objects including tag data and content;
a filtering unit that filters the tag data included in the objects parsed by the parsing unit;
a content escaping unit that escapes the content included in the objects parsed by the parsing unit; and
a recombination unit that recombines the objects filtered by the filtering unit and the objects whose content has been escaped by the content escaping unit into a character string representing rich text.
10. The rich text filtering device of claim 9, wherein
the parsing unit deletes any character string that does not conform to the rich text grammar when parsing the character string into objects including tag data and content.
11. The rich text filtering device of claim 9,
further comprising:
a tag white list storing unit for storing a tag white list,
wherein the filtering unit includes:
a first filtering unit configured to filter the tags included in the tag data so as to retain the tag data of tags that are in the tag white list and delete the tag data of tags that are not in the tag white list.
12. The rich text filtering device according to any one of claims 9 to 11,
further comprising:
an attribute white list storing unit for storing an attribute white list,
wherein the filtering unit includes:
a second filtering unit configured to, when the filtered tag data includes an attribute, filter the attribute so as to retain each attribute that is in the attribute white list together with its value, and delete each attribute that is not in the attribute white list together with its value.
13. The rich text filtering device of claim 12, wherein
the filtering unit further comprises:
a third filtering unit configured to retain, from the values of the attributes retained by the second filtering unit, the values that satisfy the rule governing the value of the attribute, and delete the values that do not satisfy the rule.
14. The rich text filtering device according to any one of claims 9 to 11, wherein
when the filtered tag data contains content, the content escaping unit escapes the content.
15. The rich text filtering device of claim 9, wherein
the content escaping unit escapes the symbols in the content that can be parsed and executed by a browser.
16. The rich text filtering device of claim 14, wherein
the content escaping unit escapes the symbols in the content that can be parsed and executed by a browser.
17. A computer-readable storage medium on which a computer program is stored which, when executed by a processor, carries out the steps of the rich text filtering method of claims 1 to 8.
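The method of claims 1 to 8, sketched as an added Python example (not code from the patent). The white list entries and value rules are assumptions chosen for illustration, and the standard-library `html.parser` stands in for the parsing step.

```python
import html
import re
from html.parser import HTMLParser

# Assumed policy for illustration (the patent does not list concrete entries).
TAG_WHITELIST = {"p", "b", "i", "a", "img", "br"}
ATTR_WHITELIST = {"a": {"href", "title"}, "img": {"src", "alt"}}
VALUE_RULES = {"href": re.compile(r"https?://", re.I),
               "src": re.compile(r"https?://", re.I)}
VOID_TAGS = {"img", "br"}  # emitted without a closing tag


class NodeParser(HTMLParser):
    """Parse a rich text string into a flat list of tag-data and content nodes.
    Comments, doctypes and processing instructions are dropped."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.nodes = []

    def handle_starttag(self, tag, attrs):
        self.nodes.append(("start", tag, attrs))

    def handle_endtag(self, tag):
        self.nodes.append(("end", tag, None))

    def handle_data(self, data):
        self.nodes.append(("content", data, None))


def filter_rich_text(text):
    parser = NodeParser()
    parser.feed(text)
    parser.close()
    out = []
    for kind, value, attrs in parser.nodes:
        if kind == "content":
            out.append(html.escape(value))        # escape < > & " '
        elif value not in TAG_WHITELIST:
            continue                              # delete non-whitelisted tag data
        elif kind == "end":
            if value not in VOID_TAGS:
                out.append(f"</{value}>")
        else:
            kept = ""
            for name, val in attrs:
                rule = VALUE_RULES.get(name)
                # Drop attributes off the white list, and (a choice made here)
                # drop the whole attribute when its value fails the rule.
                if name in ATTR_WHITELIST.get(value, ()) and (
                        rule is None or rule.match(val or "")):
                    kept += f' {name}="{html.escape(val or "")}"'
            out.append(f"<{value}{kept}>")
    return "".join(out)
```

Because the parser decodes character references before the value rule runs, an entity-encoded scheme in `href` is checked in its decoded form. Text inside a removed tag is kept as escaped content rather than discarded.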
CN201911200307.5A 2019-11-29 2019-11-29 Rich text filtering method, rich text filtering device and computer readable storage medium Pending CN112883688A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911200307.5A CN112883688A (en) 2019-11-29 2019-11-29 Rich text filtering method, rich text filtering device and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911200307.5A CN112883688A (en) 2019-11-29 2019-11-29 Rich text filtering method, rich text filtering device and computer readable storage medium

Publications (1)

Publication Number Publication Date
CN112883688A true CN112883688A (en) 2021-06-01

Family

ID=76038510

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911200307.5A Pending CN112883688A (en) 2019-11-29 2019-11-29 Rich text filtering method, rich text filtering device and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN112883688A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113297502A (en) * 2021-07-23 2021-08-24 浙江新华移动传媒股份有限公司 Rich text monitoring and filtering method and device
CN113722641A (en) * 2021-08-30 2021-11-30 平安国际智慧城市科技股份有限公司 AI-based injection request protection method, device, terminal equipment and medium
CN114048708A (en) * 2022-01-13 2022-02-15 山东捷瑞数字科技股份有限公司 Automatic typesetting method and system based on rich text editor

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140283139A1 (en) * 2013-03-15 2014-09-18 Kunal Anand Systems and methods for parsing user-generated content to prevent attacks
CN106790007A (en) * 2016-12-13 2017-05-31 武汉虹旭信息技术有限责任公司 Web attack defending systems and its method based on XSS and CSRF
CN109491647A (en) * 2018-10-25 2019-03-19 深圳点猫科技有限公司 A kind of online pre- anti-attack method and electronic equipment of language based on programming

Similar Documents

Publication Publication Date Title
CN112883688A (en) Rich text filtering method, rich text filtering device and computer readable storage medium
KR101780233B1 (en) Apparatus and method for deteting code cloning of software
US9356937B2 (en) Disambiguating conflicting content filter rules
CN103853650B (en) A kind of method for generating test case of fuzz testing and device
KR101874373B1 (en) A method and apparatus for detecting malicious scripts of obfuscated scripts
US9098722B2 (en) Systems and methods for parsing user-generated content to prevent attacks
CN105653949B (en) A kind of malware detection methods and device
WO2014145336A2 (en) Systems and methods for tokenizing and parsing user-generated content to enable the prevention of attacks
KR101356676B1 (en) Translating expressions in a computing environment
CN104766013A (en) Skip list based cross-site scripting attack defense method
JP6355836B2 (en) Packet filter device and packet filter method
CN115048623A (en) Method, computing device and storage medium for encrypting code
CN111539206B (en) Method, device, equipment and storage medium for determining sensitive information
US9231938B2 (en) Determination and classification of defense measures in web applications
CN111881047B (en) Method and device for processing obfuscated script
CN109491647A (en) A kind of online pre- anti-attack method and electronic equipment of language based on programming
CN109446810B (en) Malicious file defense method and device based on request rewriting and electronic equipment
CN106844192A (en) A kind of detection method of program's source code, device and electronic equipment
CN112883372A (en) Cross-site scripting attack detection method and device
CN114168950B (en) Method, device, equipment and product for repairing cross-site scripting attack vulnerability
CN112685740A (en) Compressed packet security detection method, device, terminal and storage medium
CN110378829A (en) Information provides and the method, device and equipment of watermark extracting
KR102040080B1 (en) Apparatus for self-protection on javascript and method thereof
CN107577941A (en) Intercept the method and apparatus that coding bypasses
CN117077148B (en) Program security analysis method, system, computer device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination