diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2021-07-26 17:05:11 +0100 |
|---|---|---|
| committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2021-07-26 17:05:11 +0100 |
| commit | d504e72e0d768de1f24b02d18a165b1dddf5140d (patch) | |
| tree | be0d18c3ade208ad81fe964879b35dff6da53351 | |
| parent | e17309d3727526fb8cf2403642c739dcdbaae587 (diff) | |
| download | rspamd-d504e72e0d768de1f24b02d18a165b1dddf5140d.tar.gz rspamd-d504e72e0d768de1f24b02d18a165b1dddf5140d.zip | |
[Minor] Fix some base tag parsing issues
| -rw-r--r-- | src/libserver/html/html.cxx | 31 |
1 files changed, 30 insertions, 1 deletions
diff --git a/src/libserver/html/html.cxx b/src/libserver/html/html.cxx index 088aad369..97a8640c5 100644 --- a/src/libserver/html/html.cxx +++ b/src/libserver/html/html.cxx @@ -567,6 +567,35 @@ html_parse_tag_content(rspamd_mempool_t *pool, parser_env.cur_state = state; } +static inline auto +html_is_absolute_url(std::string_view st) -> bool +{ + auto alnum_pos = std::find_if(std::begin(st), std::end(st), + [](auto c) {return !g_ascii_isalnum(c);}); + + if (alnum_pos != std::end(st)) { + std::advance(alnum_pos, 1); + + if (alnum_pos != std::end(st)) { + if (*alnum_pos == ':') { + if (st.substr(0, std::distance(std::begin(st), alnum_pos)) == "mailto") { + return true; + } + + std::advance(alnum_pos, 1); + if (alnum_pos != std::end(st)) { + /* Include even malformed urls */ + if (*alnum_pos == '/' || *alnum_pos == '\\') { + return true; + } + } + } + } + } + + return false; +} + static auto html_process_url_tag(rspamd_mempool_t *pool, struct html_tag *tag, @@ -586,7 +615,7 @@ html_process_url_tag(rspamd_mempool_t *pool, * slash */ - if (rspamd_substring_search(href_value.data(), href_value.size(), "://", 3) == -1) { + if (!html_is_absolute_url(href_value)) { if (href_value.size() >= sizeof("data:") && g_ascii_strncasecmp(href_value.data(), "data:", sizeof("data:") - 1) == 0) { |