MCPcopy Index your code
hub / github.com/mitmproxy/mitmproxy / in_HTML

Function in_HTML

examples/contrib/xss_scanner.py:354–365  ·  view source on GitHub ↗

Whether the Numberth occurrence of the first string in the second string is inside the HTML but not inside a script tag or part of a HTML attribute

(text: bytes, index: int, body: bytes)

Source from the content-addressed store, hash-verified

352 return False
353
354 def in_HTML(text: bytes, index: int, body: bytes) -> bool:
355 """Whether the Numberth occurrence of the first string in the second
356 string is inside the HTML but not inside a script tag or part of
357 a HTML attribute"""
358 # if there is a < then lxml will interpret that as a tag, so only search for the stuff before it
359 text = text.split(b"<")[0]
360 paths = paths_to_text(body.decode("utf-8"), text.decode("utf-8"))
361 try:
362 path = paths[index]
363 return "script" not in path
364 except IndexError:
365 return False
366
367 def inject_javascript_handler(html: str) -> bool:
368 """Whether you can inject a Javascript:alert(0) as a link"""

Callers 1

get_XSS_dataFunction · 0.85

Calls 3

paths_to_textFunction · 0.85
splitMethod · 0.45
decodeMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…