const { detectXssPatterns } = require('./src/detectors/xssPatterns');
const { detectJsInjection } = require('./src/detectors/jsInjection');
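// Known-bad sample: a PDF font dictionary whose /FontMatrix array, which should
// hold only numbers, carries the string element `(1); alert(...)`. The string
// closes the numeric expression and appends a script call, so a scanner that
// inspects font dictionaries should report it.
const content = `<< /BaseFont /SNCSTG+CMBX12 /FontDescriptor 6 0 R /FontMatrix [ 1 2 3 4 5 (1); alert('origin: '+window.origin+', pdf url: '+(window.PDFViewerApplication?window.PDFViewerApplication.url:document.URL)) ] /Subtype /Type1 /Type /Font >>`;

/**
 * Print a heading followed by one line per finding.
 *
 * @param {string} heading - Line printed before the findings.
 * @param {Array<{name: string, severity: string, matchedText: string}>} findings -
 *   Detector results; only the three fields read here are assumed.
 */
function printFindings(heading, findings) {
  console.log(heading);
  for (const { name, severity, matchedText } of findings) {
    console.log(` - ${name} (${severity}): ${matchedText}`);
  }
}

// Each detector gets its own options object so neither call can see changes
// made by the other. NOTE(review): the meaning of threshold 'medium' is defined
// by the detectors, not visible here.
const xss = detectXssPatterns(content, { threshold: 'medium' });
const js = detectJsInjection(content, { threshold: 'medium' });

printFindings('XSS patterns found:', xss);
printFindings('\nJS injection patterns found:', js);

const total = xss.length + js.length;
console.log(`\nTotal vulnerabilities: ${total}`);

// A detection check that only prints can never fail: if a detector regression
// stops flagging this sample, the run would still exit 0. Signal the miss via
// the exit code so CI or a pre-commit hook notices.
if (total === 0) {
  console.error('FAIL: known-bad FontMatrix sample produced no findings');
  process.exitCode = 1;
}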