Improving embedded JS handling (#125)

aidenmitchell · zoomequipd · web-flow · commit b4b7d4cfdb8f · 2025-06-25T16:48:17.000Z
Co-authored-by: Brandon Murphy &lt;4827852+zoomequipd@users.noreply.github.com&gt;
diff --git a/build/configs/scanners.yaml b/build/configs/scanners.yaml
@@ -248,6 +248,7 @@ scanners:
         flavors:
           - 'javascript_file'
           - 'text/javascript'
+          - 'application/ecmascript'
       priority: 5
       options:
         beautify: True
diff --git a/src/python/strelka/scanners/scan_html.py b/src/python/strelka/scanners/scan_html.py
@@ -106,6 +106,7 @@ def scan(self, data, file, options, expire_at):
                 script_flavors = [
                     script.get('language', '').lower(),
                     script.get('type', '').lower(),
+                    'text/javascript',
                 ]
                 script_entry = {
                     'src': script.get('src'),
diff --git a/src/python/strelka/scanners/scan_xml.py b/src/python/strelka/scanners/scan_xml.py
@@ -6,6 +6,8 @@
 class ScanXml(strelka.Scanner):
     """Collects metadata and extracts embedded files from XML files.
 
+    Extracts JavaScript content from script tags and emits them as child files.
+
     Options:
         extract_tags: List of XML tags that will have their text extracted
             as child files.
@@ -23,7 +25,7 @@ def scan(self, data, file, options, expire_at):
         self.event.setdefault('tags', [])
         self.event.setdefault('tag_data', [])
         self.event.setdefault('namespaces', [])
-        self.event['total'] = {'tags': 0, 'extracted': 0}
+        self.event['total'] = {'tags': 0, 'scripts': 0, 'extracted': 0}
 
         xml = None
         try:
@@ -89,6 +91,30 @@ def _recurse_node(self, node, xml_args):
                         self.files.append(extract_file)
                         self.event['total']['extracted'] += 1
 
+                # Check for script tags and extract JavaScript content
+                if tag == 'script':
+                    self.event['total']['scripts'] += 1
+
+                    if text and text.strip():
+                        extract_file = strelka.File(
+                            name=f'script_{self.event["total"]["scripts"]-1}',
+                            source=self.name,
+                        )
+                        script_flavors = [
+                            node.attrib.get('type', '').lower(),
+                        ]
+                        extract_file.add_flavors({'external': script_flavors})
+
+                        for c in strelka.chunk_string(text):
+                            self.upload_to_coordinator(
+                                extract_file.pointer,
+                                c,
+                                self.expire_at,
+                            )
+
+                        self.files.append(extract_file)
+                        self.event['total']['extracted'] += 1
+
             for child in node.getchildren():
                 self._recurse_node(self, child, xml_args)
 

Original file line number	Diff line number	Diff line change
`@@ -106,6 +106,7 @@ def scan(self, data, file, options, expire_at):`
`106`	`106`	`script_flavors = [`
`107`	`107`	`script.get('language', '').lower(),`
`108`	`108`	`script.get('type', '').lower(),`
	`109`	`+ 'text/javascript',`
`109`	`110`	`]`
`110`	`111`	`script_entry = {`
`111`	`112`	`'src': script.get('src'),`