From bb25868c68dc3c6639b958f06925528fb0d888d3 Mon Sep 17 00:00:00 2001
From: Guillaume Peoc'h
Date: Tue, 30 Aug 2022 10:30:24 +0200
Subject: SONAR-17201 Sanitize code before injecting it in DOM + UI fix
---
 .../org/sonar/education/2codeSnippets.html | 107 +++++++++++++--------
 1 file changed, 66 insertions(+), 41 deletions(-)
(limited to 'plugins')
diff --git a/plugins/sonar-education-plugin/src/main/resources/org/sonar/education/2codeSnippets.html b/plugins/sonar-education-plugin/src/main/resources/org/sonar/education/2codeSnippets.html
index 9889cbc5ebd..137d0a02b79 100644
--- a/plugins/sonar-education-plugin/src/main/resources/org/sonar/education/2codeSnippets.html
+++ b/plugins/sonar-education-plugin/src/main/resources/org/sonar/education/2codeSnippets.html
@@ -1,45 +1,70 @@
-

An infinite loop is one that will never end while the program is running, i.e., you have to kill the program to get out of the loop. Whether it is - by meeting the loop’s end condition or via a break, every loop should have an end condition.

-

Known Limitations

- -

Noncompliant Code Example

-
for (;;) {  // Noncompliant; end condition omitted
-  // ...
-}
+

This is an example of an attempt to run some code on our

+

Cross-site scripting (XSS) attack

-var j = 0;
-while (true) { // Noncompliant; constant end condition
- j++;
-}
+

+ Assistive technologies, such as screen readers, use <th> headers to provide
+ some context when users navigates a table. Without it the user gets rapidly lost in the flow of
+ data.
+

+

+ Headers should be properly associated with the corresponding <td> cells by
+ using either a scope attribute or headers and
+ id attributes. See W3C WAI Web Accessibility Tutorials for more information.
+

+

+ This rule raises an issue whenever a <table> does not contain
+ any <th> elements.
+

-var k;
-var b = true;
-while (b) { // Noncompliant; constant end condition
- k++;
-}
-
-

Compliant Solution

-
while (true) { // break will potentially allow leaving the loop
-  if (someCondition) {
-    break;
-  }
-}
+

+ Moreover in this example, we attempted a Cross-site scripting attack by adding a script tag and
+ adding a onload property to the pre tag. The code being sanitized before being injected in the DOM
+ prevents us from being vulnerable.
+

-var k;
-var b = true;
-while (b) {
- k++;
- b = k < 10;
-}
+

Noncompliant Code Example

+
+<table> <!-- Noncompliant -->
+  <tr>
+    <td>Name</td>
+    <td>Age</td>
+  </tr>
+  <tr>
+    <td>John Doe</td>
+    <td>24</td>
+  </tr>
+  <tr>
+    <td>Alice Doe</td>
+    <td>54</td>
+  </tr>
+</table>
+  
+
-outer:
-while(true) {
- while(true) {
- break outer;
- }
-}
-
\ No newline at end of file
+

Compliant Solution

+
+<table>
+  <tr>
+    <th scope="col">Name</th>
+    <th scope="col">Age</th>
+  </tr>
+  <tr>
+    <td>John Doe</td>
+    <td>24</td>
+  </tr>
+  <tr>
+    <td>Alice Doe</td>
+    <td>54</td>
+  </tr>
+</table>
+<script>
+  alert('nevermind, you good..');
+</script>
+  
+
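Review bot: The new prose near the top of the hunk states that "the code being sanitized before being injected in the DOM prevents us from being vulnerable", but nothing in this resource file enforces that: the `<script>` block inside the compliant-solution snippet is only inert if the consuming UI escapes the snippet before insertion, and this file cannot verify that. I would phrase it as the expectation it is, e.g. `The UI is expected to sanitize this snippet before injecting it into the DOM; if the alert below ever fires, that sanitization has regressed.`, so a reader treats the snippet as a regression check rather than a guarantee. Two wording nits in the same paragraphs: `when users navigates a table` should read `when users navigate a table`, and `adding a onload property to the pre tag` should read `adding an onload attribute to the pre tag`. The `onload` attribute the text refers to is not visible in this extract (markup appears to have been stripped), so I cannot confirm from the hunk that it was actually added to the `<pre>` element.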