Bug in CSSutils parsing of backslashes

David King

Apr 27, 2009, 11:52:19 AM
to cssu...@googlegroups.com
There appears to be a bug in the way that cssutils 0.9.5.1 parses
consecutive backslashes. For instance, the following CSS code should
be a parse error:

body:after {
content: "\\";
background-image: url('javascript:alert(\'XSS\')');
background-color: red;
blahblah:novalidatinghere;
/*";/*
content: "";
}

Instead, cssutils parses as if most of that block were to go into the
'content' field, but the browser interprets it as if it should apply
the background-image, etc.

It looks as if the issue is that "\\" is parsed as if it were
"\" (that is, an unterminated string containing a quoted quote).
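
The mismatch described in the post above, as an added example that is not part of the original thread and is not cssutils code: two string scanners run over the posted block, one consuming backslash escapes pairwise and one that models the described misparse by only looking at the character before a quote. The function names are hypothetical, and newline handling inside strings is left out of both scanners so that escape handling is the only difference.

```python
# Constructed sample: the declaration block quoted in the post above.
CSS = r"""body:after {
content: "\\";
background-image: url('javascript:alert(\'XSS\')');
background-color: red;
blahblah:novalidatinghere;
/*";/*
content: "";
}"""

def skip_string(css, i, pairwise):
    """Return the index just past the string whose opening quote is css[i]."""
    quote = css[i]
    i += 1
    while i < len(css):
        if pairwise and css[i] == "\\":
            i += 2  # an escape consumes the next character, even another backslash
            continue
        # Naive model (assumption): a quote is "escaped" if the previous char is a backslash.
        if css[i] == quote and (pairwise or css[i - 1] != "\\"):
            return i + 1
        i += 1
    return len(css)  # unterminated: the string runs to end of input

def visible_properties(css, pairwise):
    """Property names of declarations that lie outside strings and comments."""
    body = css[css.index("{") + 1:]
    props, decl, i = [], "", 0
    while i < len(body):
        if body.startswith("/*", i):
            end = body.find("*/", i + 2)
            i = len(body) if end < 0 else end + 2  # unclosed comment swallows the rest
        elif body[i] in "\"'":
            i = skip_string(body, i, pairwise)  # string content is not declaration text
        elif body[i] in ";}":
            if ":" in decl:
                props.append(decl.split(":", 1)[0].strip())
            decl = ""
            i += 1
        else:
            decl += body[i]
            i += 1
    return props

if __name__ == "__main__":
    print("pairwise escapes:", visible_properties(CSS, pairwise=True))
    print("naive lookbehind:", visible_properties(CSS, pairwise=False))
```

A filter that validates only the properties returned by the naive scan never inspects `background-image`, so a sanitizer's string and comment boundaries need to agree with the browser's.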

see

Apr 29, 2009, 4:36:53 AM
to cssutils

see

Apr 29, 2009, 4:36:03 AM
to cssutils
Please see http://code.google.com/p/cssutils/issues/detail?id=22 for
details.
