From: SourceForge.net <no...@so...> - 2006-09-27 14:28:50
|
Support Requests item #1218312, was opened at 2005-06-10 15:49 Message generated for change (Comment added) made by fabiankeil You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=211118&aid=1218312&group_id=11118 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: filters Group: None >Status: Pending Priority: 5 Submitted By: Hanno Behrens (hanno_behrens) >Assigned to: Fabian Keil (fabiankeil) Summary: Howto filter bad HTML-parameters? Initial Comment: Recently an other windows-bug showed that code like this would crash the whole system: <img SRC="pic.jpg" width="9999999" height="9999999"> I'd like to filter every "with" or "height" in the img-tag to a max of, let's say, 8000 to patch this. After the bug was posted public it'll be only hours to days that pranksters will use it in HTML-bulletins or like that to something like: <img SRC="pic.jpg" width="8000" height="8000"> I am not used to the filter process of privoxy, I admit, could do simple filtering of keywords and such but I don't know how to do it to certain values that are greater than a certain number. Could anybody help me with this? I think it's more or less urgent, anyway not primary for myself as I do everythink on linux but for friends and people I know. Seems for me a good patch and if it works another point to promote privoxy. with best regards Silicium ---------------------------------------------------------------------- >Comment By: Fabian Keil (fabiankeil) Date: 2006-09-27 14:28 Message: Logged In: YES user_id=875547 If it was urgent I'm probably a bit late, but you could try something like: FILTER: img-size-filter Removes img width and height attributes with large values s@(<img[^>]*) width=[\"\']?(\d+\d|[89])\d\d\d[\"\']?@$1@Uig s@(<img[^>]*) height=[\"\']?(\d+\d|[89])\d\d\d[\"\']?@$1@Uig ---------------------------------------------------------------------- Comment By: Clifford Caoile (piyo) Date: 2005-06-10 22:14 Message: Logged In: YES user_id=3562 Fun with regular expressions (regexp) You could match the numbers using regexp: [8][0-9][0-9][1-9] (match 8001 to 8999) [9][0-9][0-9][9-9] (match 9000 to 9999) [1-9][0-9][0-9][0-9][0-9][0-9]* (match 10000 or more) I don't know how to make sure that you match just the <img> tag, and I haven't thought of all the special cases of how a number can come in, etc. This solution needs more work. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=211118&aid=1218312&group_id=11118 |