Greetings,
I have a troubling issue that I'm not sure how to approach at this point.
Given the HTML tag (any tag will do):
<div id='divSomething' onmouseover='...'>Next we write
onmouseover='alert(message);' ...</div>
I want to write a Regular Expression that only will search the opening div
tag for the "onmouseover" text. My current expression:
(<.*?(ONMOUSEOVER)\s*=.*?>)
will incorrectly detect:
<div id='divSomething'>Next we write onmouseover='alert(message);' ...</div>
Any ideas how I can limit to only the opening tag?
Thanks,
Shawn
"Shawn B." wrote:
> Given the HTML tag (any tag will do):
> <div id='divSomething' onmouseover='...'>Next we write
> onmouseover='alert(message);' ...</div>
> I want to write a Regular Expression that only will search the opening div
> tag for the "onmouseover" text. My current expression:
> (<.*?(ONMOUSEOVER)\s*=.*?>)
> will incorrectly detect:
> <div id='divSomething'>Next we write onmouseover='alert(message);' ...</div>
> Any ideas how I can limit to only the opening tag?
The easy way to do this is to replace the first .* with a [^>]* -
"look for any number of characters that aren't the '>' character",
instead of "look for any number of any character." That is,
(<[^>]*?(ONMOUSEOVER)\s*=.*?>)
-- www.midnightbeach.com/.net
What you need to know.
(?i)(?<=<[\w]+[^<\>=]+)(onmouseover)=(?:["']?([^"'>=]*)["']?)
This regular expression will capture the entire attribute name and value.
The name ("onmouseover") will be in Group 1, and the value in Group 2.
--
HTH,
Kevin Spencer
Microsoft MVP
Ministry of Software Development http://unclechutney.blogspot.com
Never trust a dunderhead with a blunderbuss.
"Jon Shemitz" <jo*@midnightbeach.com> wrote in message
news:45***************@midnightbeach.com...
> "Shawn B." wrote:
>> Given the HTML tag (any tag will do):
>> <div id='divSomething' onmouseover='...'>Next we write onmouseover='alert(message);' ...</div>
>> I want to write a Regular Expression that only will search the opening div tag for the "onmouseover" text. My current expression: (<.*?(ONMOUSEOVER)\s*=.*?>)
>> will incorrectly detect: <div id='divSomething'>Next we write onmouseover='alert(message);' ...</div>
>> Any ideas how I can limit to only the opening tag?
> The easy way to do this is to replace the first .* with a [^>]* -
> "look for any number of characters that aren't the '>' character",
> instead of "look for any number of any character." That is,
> (<[^>]*?(ONMOUSEOVER)\s*=.*?>)
> --
> www.midnightbeach.com/.net
> What you need to know.
> (?i)(?<=<[\w]+[^<\>=]+)(onclick)=(?:["']?([^"'>=]*)["']?)
>
> This regular expression will capture the entire attribute name and value.
> The name ("onmouseover") will be in Group 1, and the value in Group 2.
Using Regulator, the above expression does not work on the following test
cases:
<SCRIPT NAME=Happy VALUE='happier' ATTR="happiest"
onClick='dosomething();'>CONTENT</SCRIPT>
<SCRIPT name=ha onclick = 'asdf'>asdf</SCRIPT>
<tag>var x = asdf.onclick="" ;</tag>
It should detect #1 and #2 but ignore #3
Thanks,
Shawn
I don't have the original question you asked, and I'm not sure you specified
what the rules should be. Neither do I have the original Regular Expression
I posted for you. The one you posted is modified. So, I can't tell you what
rules I assumed for those which were not provided, nor can I tell you
whether the change you made to the regular expression has anything to do
with it.
Therefore, I went back into my personal library, and found a Regular
Expression I once created for another project, which identifies all
attribute names and values (in 2 groups) in a block of HTML text. The
original was this, to capture *all* attribute names and values:
(?i)\s+(?:(\w+)=(?:["']?([^"'>=]*)["']?)(?=\s|/?>)|\s*(?=\s|/?>))
The first group is defined by the sequence: (\w+) (any sequence of one or
more alpha-numeric characters).
I replaced that with the following:
(?i)\s+(?:(onclick)=(?:["']?([^"'>=]*)["']?)(?=\s|/?>)|\s*(?=\s|/?>))
This will only capture attributes with a name of "onclick"
(case-insensitive).
Upon testing it with your script sample below, it correctly identified only
ONE of the attributes, the first one. The reason it didn't identify the
second one you said that it should is that the second one is not correct
syntactically. In HTML, the '=' character in an attribute may not be
preceded or followed by any spaces.
--
HTH,
Kevin Spencer
Microsoft MVP
Logostician http://unclechutney.blogspot.com
Parabola is a mate of plane.
"Shawn B." <le****@html.com> wrote in message
news:uZ**************@TK2MSFTNGP06.phx.gbl...
> (?i)(?<=<[\w]+[^<\>=]+)(onclick)=(?:["']?([^"'>=]*)["']?)
> This regular expression will capture the entire attribute name and value. The name ("onmouseover") will be in Group 1, and the value in Group 2.
> Using Regulator, the above expression does not work on the following test
> cases:
> <SCRIPT NAME=Happy VALUE='happier' ATTR="happiest"
> onClick='dosomething();'>CONTENT</SCRIPT>
> <SCRIPT name=ha onclick = 'asdf'>asdf</SCRIPT>
> <tag>var x = asdf.onclick="" ;</tag>
> It should detect #1 and #2 but ignore #3
> Thanks,
> Shawn
Kevin, thanks for your reply. Actually, I'm trying to look for cross site
scripting vulnerabilities on input fields. While the '=' preceded or
superseded by a space isn't valid html, the browser (IE) will still render
it and treat it the same, and it is a perfectly valid detection evasion
technique. The expression you provided actually still allows a few false
positives to go through on our system but I did find an expression that works
flawlessly:
(<[^>]*?(ONMOUSEOVER)\s*=.*?>)
This expression catches every one of our known vulnerabilities and does not
catch any of our known false positives. However, I'll take a closer look at
your expression and figure out if we can adapt it to other parts of our
scanning engine.
Thanks,
Shawn
"Kevin Spencer" <sp**@uce.gov> wrote in message
news:%2****************@TK2MSFTNGP02.phx.gbl...
> I don't have the original question you asked, and I'm not sure you specified what the rules should be. Neither do I have the original Regular Expression I posted for you. The one you posted is modified. So, I can't tell you what rules I assumed for those which were not provided, nor can I tell you whether the change you made to the regular expression has anything to do with it.
> Therefore, I went back into my personal library, and found a Regular
> Expression I once created for another project, which identifies all
> attribute names and values (in 2 groups) in a block of HTML text. The
> original was this, to capture *all* attribute names and values:
> (?i)\s+(?:(\w+)=(?:["']?([^"'>=]*)["']?)(?=\s|/?>)|\s*(?=\s|/?>))
> The first group is defined by the sequence: (\w+) (any sequence of one or
> more alpha-numeric characters).
> I replaced that with the following:
> (?i)\s+(?:(onclick)=(?:["']?([^"'>=]*)["']?)(?=\s|/?>)|\s*(?=\s|/?>))
> This will only capture attributes with a name of "onclick"
> (case-insensitive).
> Upon testing it with your script sample below, it correctly identified
> only ONE of the attributes, the first one. The reason it didn't identify
> the second one you said that it should is that the second one is not
> correct syntactically. In HTML, the '=' character in an attribute may not
> be preceded or followed by any spaces.
> --
> HTH,
> Kevin Spencer
> Microsoft MVP
> Logostician http://unclechutney.blogspot.com
> Parabola is a mate of plane.
> "Shawn B." <le****@html.com> wrote in message
> news:uZ**************@TK2MSFTNGP06.phx.gbl...
>> (?i)(?<=<[\w]+[^<\>=]+)(onclick)=(?:["']?([^"'>=]*)["']?)
>> This regular expression will capture the entire attribute name and value. The name ("onmouseover") will be in Group 1, and the value in Group 2. Using Regulator, the above expression does not work on the following test cases:
>> <SCRIPT NAME=Happy VALUE='happier' ATTR="happiest" onClick='dosomething();'>CONTENT</SCRIPT> <SCRIPT name=ha onclick = 'asdf'>asdf</SCRIPT> <tag>var x = asdf.onclick="" ;</tag> It should detect #1 and #2 but ignore #3
>> Thanks, Shawn
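To compare the patterns from this thread side by side, here is an added Python example (not code from any of the posters). It runs Shawn's original pattern, Jon's [^>]*? fix, Kevin's library pattern specialised to onclick, and Shawn's final pattern over the samples posted above (retyped with the dots and spacing tidied), and adds a small html.parser based check that still sees onclick = '...' with spaces around '=' as an attribute of the start tag. Kevin's lookbehind pattern is left out because Python's re module does not accept a variable-length lookbehind.

```python
import re
from html.parser import HTMLParser

# Patterns as posted in the thread. Kevin's first pattern uses a variable-length
# lookbehind, which Python's re rejects, so only his "library" pattern is used.
ORIGINAL = re.compile(r"(<.*?(ONMOUSEOVER)\s*=.*?>)", re.I)            # Shawn's first try
OPENING_TAG_ONLY = re.compile(r"(<[^>]*?(ONMOUSEOVER)\s*=.*?>)", re.I)  # Jon's fix
KEVIN_ONCLICK = re.compile(
    r"""(?i)\s+(?:(onclick)=(?:["']?([^"'>=]*)["']?)(?=\s|/?>)|\s*(?=\s|/?>))""")
SHAWN_ONCLICK = re.compile(r"(<[^>]*?(ONCLICK)\s*=.*?>)", re.I)         # Shawn's final one

# Constructed samples reproducing the thread's examples (tidied, same shape).
DIV_WITH_HANDLER = ("<div id='divSomething' onmouseover='alert(1)'>"
                    "Next we write onmouseover='alert(message);' ...</div>")
DIV_TEXT_ONLY = "<div id='divSomething'>Next we write onmouseover='alert(message);' ...</div>"
ONCLICK_CASES = [  # (sample, should it be detected?)
    ("<SCRIPT NAME=Happy VALUE='happier' ATTR=\"happiest\" "
     "onClick='dosomething();'>CONTENT</SCRIPT>", True),
    ("<SCRIPT name=ha onclick = 'asdf'>asdf</SCRIPT>", True),   # spaces around '='
    ('<tag>var x = asdf.onclick="" ;</tag>', False),            # handler text, not a tag
]

def regex_detects(pattern, html):
    """True if some match captured the attribute (Kevin's second alternative
    can match bare whitespace with group 1 unset, so a match alone is not enough)."""
    return any(m.group(1) for m in pattern.finditer(html))

class EventHandlerFinder(HTMLParser):
    """Tokenises the markup instead of pattern-matching it, so 'onclick = ...'
    with spaces around '=' is still reported as an attribute of the start tag."""
    def __init__(self):
        super().__init__()
        self.handlers = []

    def handle_starttag(self, tag, attrs):  # tag and attribute names arrive lower-cased
        self.handlers += [(tag, n) for n, _ in attrs if n.startswith("on")]

def parser_detects(html):
    finder = EventHandlerFinder()
    finder.feed(html)
    finder.close()
    return finder.handlers

def thread_results():
    """Each observation posted in the thread, as a checkable value."""
    return {
        "original_false_positive": regex_detects(ORIGINAL, DIV_TEXT_ONLY),          # True
        "jon_fix_false_positive": regex_detects(OPENING_TAG_ONLY, DIV_TEXT_ONLY),   # False
        "jon_fix_true_positive": regex_detects(OPENING_TAG_ONLY, DIV_WITH_HANDLER), # True
        "kevin": [regex_detects(KEVIN_ONCLICK, s) for s, _ in ONCLICK_CASES],       # [T, F, F]
        "shawn": [regex_detects(SHAWN_ONCLICK, s) for s, _ in ONCLICK_CASES],       # [T, T, F]
        "parser": [bool(parser_detects(s)) for s, _ in ONCLICK_CASES],               # [T, T, F]
    }
```

Calling thread_results() reproduces what each poster reported: the .*? pattern matches the text-only div, Kevin's pattern misses the spaced onclick that Shawn's pattern and the parser both catch.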
My pleasure, Shawn. As always, figuring out the business rules is the
hardest part!
--
HTH,
Kevin Spencer
Microsoft MVP
Logostician http://unclechutney.blogspot.com
Parabola is a mate of plane.
"Shawn B." <le****@html.com> wrote in message
news:%2******************@TK2MSFTNGP03.phx.gbl...
> Kevin, thanks for your reply. Actually, I'm trying to look for cross site
> scripting vulnerabilities on input fields. While the '=' preceded or
> superseded by a space isn't valid html, the browser (IE) will still render
> it and treat it the same, and it is a perfectly valid detection evasion
> technique. The expression you provided actually still allows a few false
> positives to go through on our system but I did find an expression that works
> flawlessly:
> (<[^>]*?(ONMOUSEOVER)\s*=.*?>)
> This expression catches every one of our known vulnerabilities and does
> not catch any of our known false positives. However, I'll take a closer
> look at your expression and figure out if we can adapt it to other parts
> of our scanning engine.
> Thanks,
> Shawn
> "Kevin Spencer" <sp**@uce.gov> wrote in message
> news:%2****************@TK2MSFTNGP02.phx.gbl...
>> I don't have the original question you asked, and I'm not sure you specified what the rules should be. Neither do I have the original Regular Expression I posted for you. The one you posted is modified. So, I can't tell you what rules I assumed for those which were not provided, nor can I tell you whether the change you made to the regular expression has anything to do with it.
>> Therefore, I went back into my personal library, and found a Regular Expression I once created for another project, which identifies all attribute names and values (in 2 groups) in a block of HTML text. The original was this, to capture *all* attribute names and values:
>> (?i)\s+(?:(\w+)=(?:["']?([^"'>=]*)["']?)(?=\s|/?>)|\s*(?=\s|/?>))
>> The first group is defined by the sequence: (\w+) (any sequence of one or more alpha-numeric characters).
>> I replaced that with the following:
>> (?i)\s+(?:(onclick)=(?:["']?([^"'>=]*)["']?)(?=\s|/?>)|\s*(?=\s|/?>))
>> This will only capture attributes with a name of "onclick" (case-insensitive).
>> Upon testing it with your script sample below, it correctly identified only ONE of the attributes, the first one. The reason it didn't identify the second one you said that it should is that the second one is not correct syntactically. In HTML, the '=' character in an attribute may not be preceded or followed by any spaces.
>> --
>> HTH,
>> Kevin Spencer
>> Microsoft MVP
>> Logostician http://unclechutney.blogspot.com
>> Parabola is a mate of plane.
>> "Shawn B." <le****@html.com> wrote in message news:uZ**************@TK2MSFTNGP06.phx.gbl...
>>> (?i)(?<=<[\w]+[^<\>=]+)(onclick)=(?:["']?([^"'>=]*)["']?)
>>> This regular expression will capture the entire attribute name and value. The name ("onmouseover") will be in Group 1, and the value in Group 2.
>>> Using Regulator, the above expression does not work on the following test cases:
>>> <SCRIPT NAME=Happy VALUE='happier' ATTR="happiest" onClick='dosomething();'>CONTENT</SCRIPT> <SCRIPT name=ha onclick = 'asdf'>asdf</SCRIPT> <tag>var x = asdf.onclick="" ;</tag> It should detect #1 and #2 but ignore #3
>>> Thanks, Shawn