Security: fix CSS injection, javascript: URL injection, and SVG script injection#36
Draft
…t injection Agent-Logs-Url: https://github.com/zaxlofful/SimpleWish/sessions/d9c98b77-af9e-4e35-83a0-30b0b7846588 Co-authored-by: zaxlofful <33877007+zaxlofful@users.noreply.github.com>
Deploying with

| Status | Name | Latest Commit | Updated (UTC) |
|---|---|---|---|
| ❌ Deployment failed | simplewish | ae4a6f0 | Apr 07 2026, 03:31 PM |
Copilot changed the title from "[WIP] Exploit vulnerabilities and implement defense mechanisms" to "Security: fix CSS injection, javascript: URL injection, and SVG script injection" on Apr 7, 2026.
Three injection vulnerabilities in the static site generator pipeline allow an attacker with write access to `recipients/*.json` or `scripts/generated_qr/*.svg` to inject malicious content into generated HTML pages.

### Exploit 1 — CSS injection via `accent`/`muted` fields

`accent` and `muted` values were interpolated directly into `<style>` blocks with no validation. A payload like `"accent": "red; } body { display:none }"` breaks out of the `:root` block. CSS `url()` functions can also be used for data exfiltration.

Fix: Added `_CSS_COLOR_RE` allowlist (hex, `rgb()`/`rgba()`, `hsl()`/`hsla()`, named colors) and `_is_safe_css_color()` guard — invalid values are silently ignored, leaving the template default.

### Exploit 2 — `javascript:`/`data:` URL injection in gift hrefs

`href` values were only HTML-escaped, not scheme-checked. `"href": "javascript:alert(1)"` produces a working XSS link that executes on click.

Fix: Added `_is_safe_href()` that allowlists `http://`, `https://`, and `mailto:`. Unsafe hrefs are downgraded to plain text (visible label preserved).

### Exploit 3 — Inline SVG `<script>` and event handler injection

`sanitize_svg_for_html()` only stripped XML prologs and DOCTYPE. Since SVGs are parsed as part of the HTML document when inlined, any `<script>` block or `on*` attribute in a committed `.svg` file executes in the page context.

Fix: `sanitize_svg_for_html()` now strips `<script>` blocks (closing tag uses `[^>]*` per CodeQL `py/bad-tag-filter`), self-closing `<script/>`, `on*` event-handler attributes, and `<style>` blocks.

### Tests

47 new tests in `tests/test_security.py` covering allowlist helpers, each injection class, and clean-passthrough cases.
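The three guards the description lists, worked through in Python as an added example that is not SimpleWish's code: the regexes, the helper names, and the `render_gift_link`/`accent_css` wrappers are assumptions modelled on the description, not the project's implementation.

```python
import re
from html import escape

# Assumed allowlist: hex, rgb()/rgba(), hsl()/hsla(), or a bare identifier standing in for
# a named colour. Anything with ';', '}', '(' outside a colour function, or 'url(' fails.
_CSS_COLOR_RE = re.compile(
    r"^(#[0-9a-fA-F]{3,8}"
    r"|(rgb|rgba|hsl|hsla)\(\s*[\d.%]+\s*,\s*[\d.%]+\s*,\s*[\d.%]+(\s*,\s*[\d.%]+)?\s*\)"
    r"|[a-zA-Z]{3,20})$"
)
# Scheme allowlist: only http://, https:// and mailto: may become a real link.
_SAFE_HREF_RE = re.compile(r"^(https?://|mailto:)", re.IGNORECASE)

# Closing tag matched with [^>]* so '</script >' or '</script foo>' still ends the block
# (the CodeQL py/bad-tag-filter point); DOTALL so multi-line scripts are caught.
_SCRIPT_BLOCK_RE = re.compile(r"<script\b[^>]*>.*?</script[^>]*>", re.IGNORECASE | re.DOTALL)
_SCRIPT_SELFCLOSE_RE = re.compile(r"<script\b[^>]*/>", re.IGNORECASE)
_STYLE_BLOCK_RE = re.compile(r"<style\b[^>]*>.*?</style[^>]*>", re.IGNORECASE | re.DOTALL)
# on* attributes with double-quoted, single-quoted or bare values (bare value stops at '/'
# so a self-closing '/>' survives). Deliberately conservative: any attribute starting
# with 'on' is dropped.
_ON_ATTR_RE = re.compile(r"""\s+on\w+\s*=\s*("[^"]*"|'[^']*'|[^\s>/]+)""", re.IGNORECASE)


def is_safe_css_color(value: str) -> bool:
    return bool(_CSS_COLOR_RE.match(value.strip()))


def is_safe_href(value: str) -> bool:
    # strip() so leading whitespace cannot hide the scheme from the check
    return bool(_SAFE_HREF_RE.match(value.strip()))


def sanitize_svg_for_html(svg: str) -> str:
    svg = _SCRIPT_BLOCK_RE.sub("", svg)
    svg = _SCRIPT_SELFCLOSE_RE.sub("", svg)
    svg = _STYLE_BLOCK_RE.sub("", svg)
    return _ON_ATTR_RE.sub("", svg)


def render_gift_link(label: str, href: str) -> str:
    """Escape the label; emit an <a> only for an allowlisted scheme, else plain text."""
    safe_label = escape(label, quote=True)
    if is_safe_href(href):
        return f'<a href="{escape(href.strip(), quote=True)}">{safe_label}</a>'
    return safe_label


def accent_css(accent: str, default: str = "#0077cc") -> str:
    """Interpolate the accent only when it is a plain colour token; else keep the default."""
    color = accent if is_safe_css_color(accent) else default
    return f":root {{ --accent: {color}; }}"
```

Regex stripping is only as strong as its patterns; for inline SVG from anything less controlled than a QR generator, parsing the document and rebuilding it from an element and attribute allowlist is the more robust choice.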