382 Commits

Author SHA1 Message Date
Andreas Dangel
a5006f6383
[maven-release-plugin] prepare for next development iteration 2022-06-25 09:30:43 +02:00
Andreas Dangel
07eb3d2d80
[maven-release-plugin] prepare release pmd_releases/6.47.0 2022-06-25 09:30:37 +02:00
Andreas Dangel
066b510eef
chore: Fix project.parent.relativePath in pom.xml
It must point to a file, pointing to a directory
is not valid.
2022-06-04 11:00:30 +02:00
Andreas Dangel
04c1271d88
[maven-release-plugin] prepare for next development iteration 2022-05-28 11:04:32 +02:00
Andreas Dangel
a75acdeff8
[maven-release-plugin] prepare release pmd_releases/6.46.0 2022-05-28 11:04:27 +02:00
Andreas Dangel
ec64315ad7
[maven-release-plugin] prepare for next development iteration 2022-04-30 09:38:24 +02:00
Andreas Dangel
1d2b40b3c0
[maven-release-plugin] prepare release pmd_releases/6.45.0 2022-04-30 09:38:19 +02:00
Andreas Dangel
be3e941a08
[maven-release-plugin] prepare for next development iteration 2022-03-27 17:01:59 +02:00
Andreas Dangel
6859f8db36
[maven-release-plugin] prepare release pmd_releases/6.44.0 2022-03-27 17:01:54 +02:00
Andreas Dangel
69fb502883
[maven-release-plugin] prepare for next development iteration 2022-02-26 10:01:08 +01:00
Andreas Dangel
dd0ee6190b
[maven-release-plugin] prepare release pmd_releases/6.43.0 2022-02-26 10:01:03 +01:00
Andreas Dangel
dc19597020
[maven-release-plugin] prepare for next development iteration 2022-01-29 09:53:38 +01:00
Andreas Dangel
391c32589f
[maven-release-plugin] prepare release pmd_releases/6.42.0 2022-01-29 09:53:32 +01:00
Vyom Yadav
0f01d4686e
[core] Updated DataType.java 2022-01-21 11:23:32 +05:30
Andreas Dangel
3a97618d5d
[maven-release-plugin] prepare for next development iteration 2021-11-27 11:21:17 +01:00
Andreas Dangel
ac68de1f51
[maven-release-plugin] prepare release pmd_releases/6.41.0 2021-11-27 11:21:12 +01:00
Andreas Dangel
f12710071f
[maven-release-plugin] prepare for next development iteration 2021-10-30 10:00:20 +02:00
Andreas Dangel
be09a31654
[maven-release-plugin] prepare release pmd_releases/6.40.0 2021-10-30 10:00:15 +02:00
Andreas Dangel
0399bbbfc8
[maven-release-plugin] prepare for next development iteration 2021-09-25 13:46:09 +02:00
Andreas Dangel
90b051bfff
[maven-release-plugin] prepare release pmd_releases/6.39.0 2021-09-25 13:46:04 +02:00
Andreas Dangel
bd6c72e0f5
Fix code duplications 2021-09-08 20:11:49 +02:00
Andreas Dangel
65af1c0675
[maven-release-plugin] prepare for next development iteration 2021-08-28 17:27:18 +02:00
Andreas Dangel
7d11a02052
[maven-release-plugin] prepare release pmd_releases/6.38.0 2021-08-28 17:27:12 +02:00
Andreas Dangel
821f7a849b
[maven-release-plugin] prepare for next development iteration 2021-07-31 19:02:07 +02:00
Andreas Dangel
18df47ce6e
[maven-release-plugin] prepare release pmd_releases/6.37.0 2021-07-31 19:01:59 +02:00
Andreas Dangel
f68bf5ce05
[maven-release-plugin] prepare for next development iteration 2021-06-26 10:24:15 +02:00
Andreas Dangel
45d1605a03
[maven-release-plugin] prepare release pmd_releases/6.36.0 2021-06-26 10:24:07 +02:00
Andreas Dangel
4fb19e2a5e
Bump pmd from 6.34.0 to 6.35.0 2021-05-29 09:06:39 +02:00
Andreas Dangel
9fdfecf731
[maven-release-plugin] prepare for next development iteration 2021-05-29 07:24:47 +02:00
Andreas Dangel
b49fb2014d
[maven-release-plugin] prepare release pmd_releases/6.35.0 2021-05-29 07:24:39 +02:00
Andreas Dangel
319900cd43 [maven-release-plugin] prepare for next development iteration 2021-04-24 16:41:17 +02:00
Andreas Dangel
bfeaa1b377 [maven-release-plugin] prepare release pmd_releases/6.34.0 2021-04-24 16:41:10 +02:00
Andreas Dangel
37e5525fd5 [maven-release-plugin] prepare for next development iteration 2021-03-27 16:25:18 +01:00
Andreas Dangel
dc1c9d0aed [maven-release-plugin] prepare release pmd_releases/6.33.0 2021-03-27 16:25:13 +01:00
Andreas Dangel
e0de01ebe9 [maven-release-plugin] prepare for next development iteration 2021-02-27 09:44:05 +01:00
Andreas Dangel
0848e230d0 [maven-release-plugin] prepare release pmd_releases/6.32.0 2021-02-27 09:43:58 +01:00
Andreas Dangel
2ea0328678 [maven-release-plugin] prepare for next development iteration 2021-01-30 18:04:17 +01:00
Andreas Dangel
7d6e6239c5 [maven-release-plugin] prepare release pmd_releases/6.31.0 2021-01-30 18:04:08 +01:00
Joshua Feingold
d88d8ff913
@W-8680425@: Added LINKTO back into the list of inherently safe functions. 2021-01-29 10:02:09 -06:00
Joshua Feingold
a4916f94fc
@W-8680425@: Pulled out some repeated code into convenience method. 2021-01-25 16:33:47 -06:00
Joshua Feingold
c14398d19f
@W-8680425@: Refactored escape detection in script context. Multiple false positives resolved. 2021-01-25 14:39:25 -06:00
Andreas Dangel
221c9e785e Merge pull request #3005 from rmohan20:removeOnEventEncoding
[vf] [New Rule] Handle XSS violations that can occur within Html Style
tags #3005
2021-01-21 15:07:05 +01:00
Andreas Dangel
dc4cdf696e Fixups for #3005
- ElEscapeDetector is utility class now
- Improved description and example of new rule
2021-01-21 15:01:58 +01:00
Andreas Dangel
f7909ae78a Merge branch 'master' into pr-2963-update 2021-01-21 11:43:01 +01:00
Jeff Bartolotta
15dd8783c7
Convert Pattern to a static final member 2021-01-19 10:28:08 -08:00
Jeff Bartolotta
98acf1de63
Update pmd-visualforce/src/test/java/net/sourceforge/pmd/lang/vf/rule/security/VfHtmlXssStyleTagUrlPatternMatchingTest.java
Co-authored-by: Clément Fournier <clement.fournier76@gmail.com>
2021-01-19 10:11:52 -08:00
rmohan
6a179980be
Applying changes from review feedback 2021-01-15 13:40:07 -08:00
rmohan
407aa690d1
parent 7fc3dee95acbb40692f2c115ebe7b0264f377385
author rmohan <rmohan@salesforce.com> 1608240897 -0800
committer rmohan <rmohan@salesforce.com> 1610153787 -0800
gpgsig -----BEGIN PGP SIGNATURE-----

 iQIzBAABCAAdFiEEPykD30Ug+JG+ZQ7x5XWwXqT2VuwFAl/4/zsACgkQ5XWwXqT2
 VuwJoBAAsdl/TU3nculnOPwrCHtaxgtM/4zB+wLdw7f+KtIaGMv5A8v8gMbqh0V+
 OTPV0Q/CTEk4PxA2qD5aCPLOaO9+LHOKjPdkWalttVjINtTVPR2pKo0PKR+f2q77
 79eFkhiB1uNx741ThGIZoWPv8eMKHYP+1BEwndFdByxSA70+gdYkbmZqKLLOOrTE
 2uxuGwnNM02ZYskupvgPW2pZvWFviR2sZt/GbFPkqAwgjf40MxM5+3cujOOV850E
 hLHCcch5G5sh8sHTb9nCyNmc6i1kSw9+OOpOHmJGV4u3DRBBtTE9FdwyEUJ2VliZ
 77VrfRPxwzkAE3jTH7EGCY7kpf84jQMqrGn/gav1LfH4DscPZmF617r9iYZ5fOr6
 Z2Fun4vaCXk0h1CojCOpnh4WAthhiVtvBJmdiyO489/hmbtwWuz7KBkCsEVBS+8E
 ViEaQylIOWjcFXkAq5PQ8fCxIqqMgbI7p5kQL6zatpykteMT5zoJj41t8oyjr5Rz
 RUGXNPxpW3zKq3jw4VsjZ8qNYuoSerTzx0qGuUQIALO97HZ8ZBsxmcDTFJrzAkj7
 yfslzLRIoPlL4ZKdpOgCGzVLBX1D/YCBn9KXQiYEYRh57umIt0wpM/Y/Xkl+/Jr4
 97DYj7GQr1gYavSqe7z5n3aUixyibpWy/wx2K3VN6PmtZ3FEB5I=
 =dqIs
 -----END PGP SIGNATURE-----

Creating new VfHtmlStyleTagXss rule to handle XSS in style tags.
Also, refactoring common code out of VfUnescapeElRule to avoid duplication.
2021-01-08 17:08:46 -08:00
Andreas Dangel
c37f208d3e Call jjtree/javacc with UTF-8 as default encoding
Fixes #2970
2020-12-17 18:31:13 +01:00
rmohan
7fc3dee95a
Merging Style tag and HTML XSS checks with typecheck changes for real 2020-12-16 16:22:40 -08:00