cloudera / director-sdk

Cloudera Director API clients
http://www.cloudera.com/director
Apache License 2.0

upgrade json-sanitizer dependency version #11

Open wenjia7 opened 1 year ago

wenjia7 commented 1 year ago

Hi, we found the insecure version of the dependency json-sanitizer is still being used in the code: https://github.com/cloudera/director-sdk/blob/a099fedd5afe365aedbb50daa75de048ef6f7ab4/java-client/src/main/java/com/cloudera/director/client/common/ApiClient.java#L750, which may allow cross-site scripting.

Test here:

@Test
  public static final void testHtmlParserStateChanges() {
    assertSanitized("\"\\u003cscript\"", "\"<script\"");
    assertSanitized("\"\\u003cScript\"", "\"<Script\"");
    // \u0130 is a Turkish dotted upper-case 'I' so the lower case version of
    // the tag name is "script".
    assertSanitized("\"\\u003cScR\u0130pT\"", "\"<ScR\u0130pT\"");
    assertSanitized("\"\\u003cSCRIPT\\n>\"", "\"<SCRIPT\n>\"");
    assertSanitized("\"script\"", "<script");

    assertSanitized("\"\\u003c!--\"", "\"<!--\"");
    assertSanitized("-0", "<!--");

    assertSanitized("\"--\\u003e\"", "\"-->\"");
    assertSanitized("-0", "-->");

    assertSanitized("\"\\u003c!--\\u003cscript>\"", "\"<!--<script>\"");
  }
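
As an added example (not code from this issue or from the director-sdk project), the check below runs the inputs quoted in the test above through whichever json-sanitizer version is on the classpath and reports any output that still contains `<script`, `<!--` or `-->`. It assumes the json-sanitizer jar is on the classpath; the class name `SanitizerOutputCheck` and its helper methods are hypothetical, and `JsonSanitizer.sanitize` is the library's public entry point.

```java
import com.google.json.JsonSanitizer;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;

/** Added example: checks the json-sanitizer on the classpath against the inputs quoted in this issue. */
public final class SanitizerOutputCheck {

  // Sequences exercised by the test above; each one changes HTML parser state.
  private static final String[] STATE_CHANGERS = {"<script", "<!--", "-->"};

  // Inputs copied from the test above (the Java escapes are resolved by the compiler).
  private static final String[] INPUTS = {
    "\"<script\"", "\"<Script\"", "\"<ScR\u0130pT\"", "\"<SCRIPT\n>\"", "<script",
    "\"<!--\"", "<!--", "\"-->\"", "-->", "\"<!--<script>\""
  };

  /** Returns the first state-changing sequence left in {@code json}, or null if there is none. */
  static String firstStateChanger(String json) {
    // Following the test's comment, treat U+0130 as a letter that lower-cases to 'i'.
    String folded = json.replace('\u0130', 'I').toLowerCase(Locale.ROOT);
    for (String sequence : STATE_CHANGERS) {
      if (folded.contains(sequence)) {
        return sequence;
      }
    }
    return null;
  }

  /** Sanitizes every input and returns one message per output that still holds a sequence. */
  static List<String> failures() {
    List<String> messages = new ArrayList<>();
    for (String input : INPUTS) {
      String sanitized = JsonSanitizer.sanitize(input);
      String hit = firstStateChanger(sanitized);
      if (hit != null) {
        messages.add("output still contains " + hit + ": " + sanitized);
      }
    }
    return messages;
  }

  public static void main(String[] args) {
    List<String> failures = failures();
    failures.forEach(System.err::println);
    // A non-zero exit lets a build step fail when the resolved dependency lets a sequence through.
    System.exit(failures.isEmpty() ? 0 : 1);
  }
}
```

Unlike the exact-match assertions in the test, this checks an invariant on the output, so it can be run unchanged against any json-sanitizer version a build resolves.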