Pattern for Sizzle CSS Selector Engine

[nnposter]

A new pattern for Sizzle CSS Selector Engine:

Sizzle (?:CSS Selector Engine - )?v([\d.]+(?:-\w+)?)

Works against both standard and minimized versions.

[PeterMosmans]

Hi @nnposter , do you mind if I create some pull requests for your changes ? Then I'll incorporate them in my fork, so that you immediately can use them from github. Thanks !

[augustd]

@PeterMosmans @nnposter Pull requests would be awesome!

[nnposter]

Feel free

[PeterMosmans]

(Abandoning this, as I don't have access to the 'original' files and therefore cannot create test strings)

[augustd]

@nnposter Can you please provide an example of this pattern in the wild? This will be used by the CI unit tests to verify that the pattern is working and everything builds correctly.

[nnposter]

I have grabbed the initial sample from HP StorageWorks web management console so it is not a public-facing site. The relevant part of the JS file follows:

/*
 * Sizzle CSS Selector Engine - v0.9.3
 *  Copyright 2009, The Dojo Foundation
 *  Released under the MIT, BSD, and GPL Licenses.
 *  More information: http://sizzlejs.com/
 */

Looking at the most recent version of the distro package I can see following in the regular version:

/*!
 * Sizzle CSS Selector Engine v2.3.4-pre
 * https://sizzlejs.com/
 *
 * Copyright jQuery Foundation and other contributors
 * Released under the MIT license
 * http://jquery.org/license
 *
 * Date: 2016-08-15
 */

and the following in the minimized version:

/*! Sizzle v2.3.4-pre | (c) jQuery Foundation, Inc. | jquery.org/license */

So maybe the the best pattern at this point would be

Sizzle (?:CSS Selector Engine[- ]*)?v([\d.]+(?:-\w+)?)

[augustd]

Added new pattern to match rules. I had to update the tests to handle multiple test strings per pattern.

https://github.com/augustd/burp-suite-software-version-checks/pull/23