From a84be9d7f8fa9258a15e68966de5db7a1d27f7c6 Mon Sep 17 00:00:00 2001 From: Alexandre ZANNI Date: Fri, 17 May 2024 16:34:05 +0200 Subject: [PATCH] doc regen for 0.0.6 --- docs/yard/Integer.html | 6 +- docs/yard/Unisec.html | 8 +- docs/yard/Unisec/Bidi.html | 6 +- docs/yard/Unisec/Bidi/Spoof.html | 6 +- docs/yard/Unisec/CLI.html | 6 +- docs/yard/Unisec/CLI/Commands.html | 10 +- docs/yard/Unisec/CLI/Commands/Bidi.html | 6 +- docs/yard/Unisec/CLI/Commands/Bidi/Spoof.html | 6 +- .../yard/Unisec/CLI/Commands/Confusables.html | 6 +- .../Unisec/CLI/Commands/Confusables/List.html | 6 +- .../CLI/Commands/Confusables/Randomize.html | 6 +- docs/yard/Unisec/CLI/Commands/Grep.html | 6 +- docs/yard/Unisec/CLI/Commands/Hexdump.html | 6 +- docs/yard/Unisec/CLI/Commands/Normalize.html | 159 +------ .../Unisec/CLI/Commands/Normalize/All.html | 263 ++++++++++++ .../CLI/Commands/Normalize/Replace.html | 250 +++++++++++ docs/yard/Unisec/CLI/Commands/Properties.html | 6 +- .../Unisec/CLI/Commands/Properties/Char.html | 6 +- .../CLI/Commands/Properties/Codepoints.html | 6 +- .../Unisec/CLI/Commands/Properties/List.html | 6 +- docs/yard/Unisec/CLI/Commands/Size.html | 6 +- docs/yard/Unisec/CLI/Commands/Surrogates.html | 6 +- .../Unisec/CLI/Commands/Surrogates/From.html | 6 +- .../Unisec/CLI/Commands/Surrogates/To.html | 6 +- docs/yard/Unisec/CLI/Commands/Versions.html | 6 +- docs/yard/Unisec/Confusables.html | 6 +- docs/yard/Unisec/Hexdump.html | 6 +- docs/yard/Unisec/Normalization.html | 404 +++++++++++++++--- docs/yard/Unisec/Properties.html | 6 +- docs/yard/Unisec/Rugrep.html | 6 +- docs/yard/Unisec/Size.html | 6 +- docs/yard/Unisec/Surrogates.html | 6 +- docs/yard/Unisec/Utils.html | 6 +- docs/yard/Unisec/Utils/String.html | 6 +- docs/yard/Unisec/Versions.html | 6 +- docs/yard/_index.html | 38 +- docs/yard/class_list.html | 2 +- docs/yard/file.CHANGELOG.html | 17 +- docs/yard/file.LICENSE.html | 6 +- docs/yard/file.README.html | 8 +- docs/yard/file.about.html | 6 +- docs/yard/file.documentation.html | 6 +- docs/yard/file.install.html | 6 +- docs/yard/file.publishing.html | 12 +- docs/yard/file.quick-start.html | 6 +- docs/yard/file.usage.html | 13 +- docs/yard/frames.html | 15 +- docs/yard/index.html | 8 +- docs/yard/method_list.html | 74 +++- docs/yard/top-level-namespace.html | 6 +- 50 files changed, 1116 insertions(+), 375 deletions(-) create mode 100644 docs/yard/Unisec/CLI/Commands/Normalize/All.html create mode 100644 docs/yard/Unisec/CLI/Commands/Normalize/Replace.html diff --git a/docs/yard/Integer.html b/docs/yard/Integer.html index 3734f29..f6aa788 100644 --- a/docs/yard/Integer.html +++ b/docs/yard/Integer.html @@ -6,7 +6,7 @@ Class: Integer - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -304,9 +304,9 @@

diff --git a/docs/yard/Unisec.html b/docs/yard/Unisec.html index 3e8372e..2aa58f5 100644 --- a/docs/yard/Unisec.html +++ b/docs/yard/Unisec.html @@ -6,7 +6,7 @@ Module: Unisec - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -119,7 +119,7 @@

- 
'0.0.5'
+ 
'0.0.6'
@@ -135,9 +135,9 @@

diff --git a/docs/yard/Unisec/Bidi.html b/docs/yard/Unisec/Bidi.html index 97e307f..5183c0d 100644 --- a/docs/yard/Unisec/Bidi.html +++ b/docs/yard/Unisec/Bidi.html @@ -6,7 +6,7 @@ Class: Unisec::Bidi - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -131,9 +131,9 @@

Overview

diff --git a/docs/yard/Unisec/Bidi/Spoof.html b/docs/yard/Unisec/Bidi/Spoof.html index a8fa4cb..e2dd568 100644 --- a/docs/yard/Unisec/Bidi/Spoof.html +++ b/docs/yard/Unisec/Bidi/Spoof.html @@ -6,7 +6,7 @@ Class: Unisec::Bidi::Spoof - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -1326,9 +1326,9 @@

diff --git a/docs/yard/Unisec/CLI.html b/docs/yard/Unisec/CLI.html index 2015aa2..ab7be7d 100644 --- a/docs/yard/Unisec/CLI.html +++ b/docs/yard/Unisec/CLI.html @@ -6,7 +6,7 @@ Module: Unisec::CLI - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -117,9 +117,9 @@

Overview

diff --git a/docs/yard/Unisec/CLI/Commands.html b/docs/yard/Unisec/CLI/Commands.html index f5c6f3b..52a896c 100644 --- a/docs/yard/Unisec/CLI/Commands.html +++ b/docs/yard/Unisec/CLI/Commands.html @@ -6,7 +6,7 @@ Module: Unisec::CLI::Commands - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -104,11 +104,11 @@

Overview

- Modules: Bidi, Confusables, Properties, Surrogates + Modules: Bidi, Confusables, Normalize, Properties, Surrogates - Classes: Grep, Hexdump, Normalize, Size, Versions + Classes: Grep, Hexdump, Size, Versions

@@ -125,9 +125,9 @@

Overview

diff --git a/docs/yard/Unisec/CLI/Commands/Bidi.html b/docs/yard/Unisec/CLI/Commands/Bidi.html index 83032ab..70acad3 100644 --- a/docs/yard/Unisec/CLI/Commands/Bidi.html +++ b/docs/yard/Unisec/CLI/Commands/Bidi.html @@ -6,7 +6,7 @@ Module: Unisec::CLI::Commands::Bidi - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -115,9 +115,9 @@

Overview

diff --git a/docs/yard/Unisec/CLI/Commands/Bidi/Spoof.html b/docs/yard/Unisec/CLI/Commands/Bidi/Spoof.html index b7160d3..d11a680 100644 --- a/docs/yard/Unisec/CLI/Commands/Bidi/Spoof.html +++ b/docs/yard/Unisec/CLI/Commands/Bidi/Spoof.html @@ -6,7 +6,7 @@ Class: Unisec::CLI::Commands::Bidi::Spoof - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -269,9 +269,9 @@

diff --git a/docs/yard/Unisec/CLI/Commands/Confusables.html b/docs/yard/Unisec/CLI/Commands/Confusables.html index 34c1151..cff743a 100644 --- a/docs/yard/Unisec/CLI/Commands/Confusables.html +++ b/docs/yard/Unisec/CLI/Commands/Confusables.html @@ -6,7 +6,7 @@ Module: Unisec::CLI::Commands::Confusables - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -115,9 +115,9 @@

Overview

diff --git a/docs/yard/Unisec/CLI/Commands/Confusables/List.html b/docs/yard/Unisec/CLI/Commands/Confusables/List.html index 0b73595..5de54d1 100644 --- a/docs/yard/Unisec/CLI/Commands/Confusables/List.html +++ b/docs/yard/Unisec/CLI/Commands/Confusables/List.html @@ -6,7 +6,7 @@ Class: Unisec::CLI::Commands::Confusables::List - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -272,9 +272,9 @@

diff --git a/docs/yard/Unisec/CLI/Commands/Confusables/Randomize.html b/docs/yard/Unisec/CLI/Commands/Confusables/Randomize.html index 4b762cb..39a9611 100644 --- a/docs/yard/Unisec/CLI/Commands/Confusables/Randomize.html +++ b/docs/yard/Unisec/CLI/Commands/Confusables/Randomize.html @@ -6,7 +6,7 @@ Class: Unisec::CLI::Commands::Confusables::Randomize - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -231,9 +231,9 @@

diff --git a/docs/yard/Unisec/CLI/Commands/Grep.html b/docs/yard/Unisec/CLI/Commands/Grep.html index d65e1a0..e8c8011 100644 --- a/docs/yard/Unisec/CLI/Commands/Grep.html +++ b/docs/yard/Unisec/CLI/Commands/Grep.html @@ -6,7 +6,7 @@ Class: Unisec::CLI::Commands::Grep - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -231,9 +231,9 @@

diff --git a/docs/yard/Unisec/CLI/Commands/Hexdump.html b/docs/yard/Unisec/CLI/Commands/Hexdump.html index 951c850..ee2800a 100644 --- a/docs/yard/Unisec/CLI/Commands/Hexdump.html +++ b/docs/yard/Unisec/CLI/Commands/Hexdump.html @@ -6,7 +6,7 @@ Class: Unisec::CLI::Commands::Hexdump - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -248,9 +248,9 @@

diff --git a/docs/yard/Unisec/CLI/Commands/Normalize.html b/docs/yard/Unisec/CLI/Commands/Normalize.html index 1715929..9d118ca 100644 --- a/docs/yard/Unisec/CLI/Commands/Normalize.html +++ b/docs/yard/Unisec/CLI/Commands/Normalize.html @@ -4,9 +4,9 @@ - Class: Unisec::CLI::Commands::Normalize + Module: Unisec::CLI::Commands::Normalize - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -59,31 +59,13 @@
-

Class: Unisec::CLI::Commands::Normalize +

Module: Unisec::CLI::Commands::Normalize

-
-
Inherits:
-
- Dry::CLI::Command - -
    -
  • Object
    • - - - - - -
- show all - -
-
- @@ -104,23 +86,6 @@

Overview

CLI sub-commands unisec normalize xxx for the class Normalization from the lib.

-

Command unisec normalize "example"

-

Example:

-
➜ unisec normalize ẛ̣
-Original: ẛ̣
-  U+1E9B U+0323
-NFC: ẛ̣
-  U+1E9B U+0323
-NFKC: ṩ
-  U+1E69
-NFD: ẛ̣
-  U+017F U+0323 U+0307
-NFKD: ṩ
-  U+0073 U+0323 U+0307
-
-➜ unisec normalize ẛ̣  --form nfkd
-ṩ
-
@@ -128,135 +93,31 @@

Overview

-
- - - - - - +

Defined Under Namespace

+

-

- Instance Method Summary - collapse -

- - - - - - - -
-

Instance Method Details

- -
-

- - #call(input: nil, **options) ⇒ Object + Classes: All, Replace + +

- - -

-
-

Normalize in all forms

-
-
-
-

Parameters:

-
    - -
  • - - input - - - (String) - - - (defaults to: nil) - - - — -

    Input string to normalize

    -
    - -
    • - -
- -
- - - - -
- 
 
 
-43
-44
-45
-46
-47
-48
-49
-50
-51
- 		- 
# File 'lib/unisec/cli/normalization.rb', line 43
 
-def call(input: nil, **options)
-  input = $stdin.read.chomp if input == '-'
-  if options[:form].nil?
-    puts Unisec::Normalization.new(input).display
-  else
-    # using send() is safe here thanks to the value whitelist
-    puts Unisec::Normalization.send(options[:form], input)
-  end
-end
-
-
- -
diff --git a/docs/yard/Unisec/CLI/Commands/Normalize/All.html b/docs/yard/Unisec/CLI/Commands/Normalize/All.html new file mode 100644 index 0000000..90277aa --- /dev/null +++ b/docs/yard/Unisec/CLI/Commands/Normalize/All.html @@ -0,0 +1,263 @@ + + + + + + + Class: Unisec::CLI::Commands::Normalize::All + + — Documentation by YARD 0.9.36 + + + + + + + + + + + + + + + + + +
+ +
+
+ +
+ + +

Class: Unisec::CLI::Commands::Normalize::All + + + +

+
+ +
+
Inherits:
+
+ Dry::CLI::Command + +
    +
  • Object
    • + + + + + +
+ show all + +
+
+ + + + + + + + + + + +
+
Defined in:
+
lib/unisec/cli/normalization.rb
+
+ +
+ +

Overview

+
+

Command unisec normalize all "example"

+

Example:

+
➜ unisec normalize all ẛ̣
+Original: ẛ̣
+  U+1E9B U+0323
+NFC: ẛ̣
+  U+1E9B U+0323
+NFKC: ṩ
+  U+1E69
+NFD: ẛ̣
+  U+017F U+0323 U+0307
+NFKD: ṩ
+  U+0073 U+0323 U+0307
+
+➜ unisec normalize all ẛ̣  --form nfkd
+ṩ
+
+ + +
+
+
+ + +
+ + + + + + + +

+ Instance Method Summary + collapse +

+ + + + + + + +
+

Instance Method Details

+ + +
+

+ + #call(input: nil, **options) ⇒ Object + + + + + +

+
+

Normalize in all forms

+ + +
+
+
+

Parameters:

+
    + +
  • + + input + + + (String) + + + (defaults to: nil) + + + — +

    Input string to normalize

    +
    + +
    • + +
+ + +
+ + + + +
+ 
+
+
+43
+44
+45
+46
+47
+48
+49
+50
+51
+ 		+ 
# File 'lib/unisec/cli/normalization.rb', line 43
+
+def call(input: nil, **options)
+  input = $stdin.read.chomp if input == '-'
+  if options[:form].nil?
+    puts Unisec::Normalization.new(input).display
+  else
+    # using send() is safe here thanks to the value whitelist
+    puts Unisec::Normalization.send(options[:form], input)
+  end
+end
+
+
+ +
+ +
+ + + +
+ + \ No newline at end of file diff --git a/docs/yard/Unisec/CLI/Commands/Normalize/Replace.html b/docs/yard/Unisec/CLI/Commands/Normalize/Replace.html new file mode 100644 index 0000000..dda475e --- /dev/null +++ b/docs/yard/Unisec/CLI/Commands/Normalize/Replace.html @@ -0,0 +1,250 @@ + + + + + + + Class: Unisec::CLI::Commands::Normalize::Replace + + — Documentation by YARD 0.9.36 + + + + + + + + + + + + + + + + + +
+ +
+
+ +
+ + +

Class: Unisec::CLI::Commands::Normalize::Replace + + + +

+
+ +
+
Inherits:
+
+ Dry::CLI::Command + +
    +
  • Object
    • + + + + + +
+ show all + +
+
+ + + + + + + + + + + +
+
Defined in:
+
lib/unisec/cli/normalization.rb
+
+ +
+ +

Overview

+
+

Command unisec normalize replace "example"

+

Example:

+
➜ unisec normalize replace "<svg onload=\"alert('XSS')\">"
+Original: <svg onload="alert('XSS')">
+  U+003C U+0073 U+0076 U+0067 U+0020 U+006F U+006E U+006C U+006F U+0061 U+0064 U+003D U+0022 U+0061 U+006C U+0065 U+0072 U+0074 U+0028 U+0027 U+0058 U+0053 U+0053 U+0027 U+0029 U+0022 U+003E
+Bypass payload: ﹤svg onload="alert('XSS')"﹥
+  U+FE64 U+0073 U+0076 U+0067 U+0020 U+006F U+006E U+006C U+006F U+0061 U+0064 U+003D U+FF02 U+0061 U+006C U+0065 U+0072 U+0074 U+0028 U+FF07 U+0058 U+0053 U+0053 U+FF07 U+0029 U+FF02 U+FE65
+NFKC: <svg onload="alert('XSS')">
+  U+003C U+0073 U+0076 U+0067 U+0020 U+006F U+006E U+006C U+006F U+0061 U+0064 U+003D U+0022 U+0061 U+006C U+0065 U+0072 U+0074 U+0028 U+0027 U+0058 U+0053 U+0053 U+0027 U+0029 U+0022 U+003E
+NFKD: <svg onload="alert('XSS')">
+  U+003C U+0073 U+0076 U+0067 U+0020 U+006F U+006E U+006C U+006F U+0061 U+0064 U+003D U+0022 U+0061 U+006C U+0065 U+0072 U+0074 U+0028 U+0027 U+0058 U+0053 U+0053 U+0027 U+0029 U+0022 U+003E
+
+➜ echo -n "<svg onload=\"alert('XSS')\">" | unisec normalize replace -
+
+ + +
+
+
+ + +
+ + + + + + + +

+ Instance Method Summary + collapse +

+ + + + + + + +
+

Instance Method Details

+ + +
+

+ + #call(input: nil, **_options) ⇒ Object + + + + + +

+
+

Prepare a XSS payload for HTML escape bypass (HTML escape followed by NFKC / NFKD normalization)

+ + +
+
+
+

Parameters:

+
    + +
  • + + input + + + (String) + + + (defaults to: nil) + + + — +

    Input string to normalize

    +
    + +
    • + +
+ + +
+ + + + +
+ 
+
+
+79
+80
+81
+82
+ 		+ 
# File 'lib/unisec/cli/normalization.rb', line 79
+
+def call(input: nil, **_options)
+  input = $stdin.read.chomp if input == '-'
+  puts Unisec::Normalization.new(input).display_replace
+end
+
+
+ +
+ +
+ + + +
+ + \ No newline at end of file diff --git a/docs/yard/Unisec/CLI/Commands/Properties.html b/docs/yard/Unisec/CLI/Commands/Properties.html index 0416598..8ac309c 100644 --- a/docs/yard/Unisec/CLI/Commands/Properties.html +++ b/docs/yard/Unisec/CLI/Commands/Properties.html @@ -6,7 +6,7 @@ Module: Unisec::CLI::Commands::Properties - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -115,9 +115,9 @@

Overview

diff --git a/docs/yard/Unisec/CLI/Commands/Properties/Char.html b/docs/yard/Unisec/CLI/Commands/Properties/Char.html index ff983e1..5c86b5b 100644 --- a/docs/yard/Unisec/CLI/Commands/Properties/Char.html +++ b/docs/yard/Unisec/CLI/Commands/Properties/Char.html @@ -6,7 +6,7 @@ Class: Unisec::CLI::Commands::Properties::Char - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -273,9 +273,9 @@

diff --git a/docs/yard/Unisec/CLI/Commands/Properties/Codepoints.html b/docs/yard/Unisec/CLI/Commands/Properties/Codepoints.html index a6b79e2..a1d1e10 100644 --- a/docs/yard/Unisec/CLI/Commands/Properties/Codepoints.html +++ b/docs/yard/Unisec/CLI/Commands/Properties/Codepoints.html @@ -6,7 +6,7 @@ Class: Unisec::CLI::Commands::Properties::Codepoints - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -230,9 +230,9 @@

diff --git a/docs/yard/Unisec/CLI/Commands/Properties/List.html b/docs/yard/Unisec/CLI/Commands/Properties/List.html index 864d9d9..c9b296a 100644 --- a/docs/yard/Unisec/CLI/Commands/Properties/List.html +++ b/docs/yard/Unisec/CLI/Commands/Properties/List.html @@ -6,7 +6,7 @@ Class: Unisec::CLI::Commands::Properties::List - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -215,9 +215,9 @@

diff --git a/docs/yard/Unisec/CLI/Commands/Size.html b/docs/yard/Unisec/CLI/Commands/Size.html index aa9a898..1aaaaa8 100644 --- a/docs/yard/Unisec/CLI/Commands/Size.html +++ b/docs/yard/Unisec/CLI/Commands/Size.html @@ -6,7 +6,7 @@ Class: Unisec::CLI::Commands::Size - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -236,9 +236,9 @@

diff --git a/docs/yard/Unisec/CLI/Commands/Surrogates.html b/docs/yard/Unisec/CLI/Commands/Surrogates.html index 3d748f2..1928e47 100644 --- a/docs/yard/Unisec/CLI/Commands/Surrogates.html +++ b/docs/yard/Unisec/CLI/Commands/Surrogates.html @@ -6,7 +6,7 @@ Module: Unisec::CLI::Commands::Surrogates - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -115,9 +115,9 @@

Overview

diff --git a/docs/yard/Unisec/CLI/Commands/Surrogates/From.html b/docs/yard/Unisec/CLI/Commands/Surrogates/From.html index 30222d8..cc92f31 100644 --- a/docs/yard/Unisec/CLI/Commands/Surrogates/From.html +++ b/docs/yard/Unisec/CLI/Commands/Surrogates/From.html @@ -6,7 +6,7 @@ Class: Unisec::CLI::Commands::Surrogates::From - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -251,9 +251,9 @@

diff --git a/docs/yard/Unisec/CLI/Commands/Surrogates/To.html b/docs/yard/Unisec/CLI/Commands/Surrogates/To.html index d17cfea..689b39f 100644 --- a/docs/yard/Unisec/CLI/Commands/Surrogates/To.html +++ b/docs/yard/Unisec/CLI/Commands/Surrogates/To.html @@ -6,7 +6,7 @@ Class: Unisec::CLI::Commands::Surrogates::To - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -232,9 +232,9 @@

diff --git a/docs/yard/Unisec/CLI/Commands/Versions.html b/docs/yard/Unisec/CLI/Commands/Versions.html index 40f95a2..b28237e 100644 --- a/docs/yard/Unisec/CLI/Commands/Versions.html +++ b/docs/yard/Unisec/CLI/Commands/Versions.html @@ -6,7 +6,7 @@ Class: Unisec::CLI::Commands::Versions - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -219,9 +219,9 @@

diff --git a/docs/yard/Unisec/Confusables.html b/docs/yard/Unisec/Confusables.html index 8dbbee7..4e65451 100644 --- a/docs/yard/Unisec/Confusables.html +++ b/docs/yard/Unisec/Confusables.html @@ -6,7 +6,7 @@ Class: Unisec::Confusables - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -575,9 +575,9 @@

diff --git a/docs/yard/Unisec/Hexdump.html b/docs/yard/Unisec/Hexdump.html index e1ab473..33159b2 100644 --- a/docs/yard/Unisec/Hexdump.html +++ b/docs/yard/Unisec/Hexdump.html @@ -6,7 +6,7 @@ Class: Unisec::Hexdump - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -1341,9 +1341,9 @@

diff --git a/docs/yard/Unisec/Normalization.html b/docs/yard/Unisec/Normalization.html index 58c897e..4c6884a 100644 --- a/docs/yard/Unisec/Normalization.html +++ b/docs/yard/Unisec/Normalization.html @@ -6,7 +6,7 @@ Class: Unisec::Normalization - — Documentation by YARD 0.9.34 + — Documentation by YARD 0.9.36 @@ -110,6 +110,39 @@

Overview

+ +

+ Constant Summary + collapse +

+ +
+ +
HTML_ESCAPE_BYPASS = +
+
+

HTML escapable characters mapped with their Unicode counterparts that will +cast to themself after applying normalization forms using compatibility mode.

+ + +
+
+
+ + +
+
+ 
{
+  '<' => ['', ''],
+  '>' => ['', ''],
+  '"' => [''],
+  "'" => [''],
+  '&' => ['', '']
+}.freeze
+ +
+ + @@ -358,6 +391,29 @@

Normalization Form KD (NFKD) - Compatibility Decomposition.

 + + + +
  • + + + .replace_bypass(str) ⇒ String + + + + + + + + + + + + + +

    Replace HTML escapable characters with their Unicode counterparts that will cast to themself after applying normalization forms using compatibility mode.

    +
     +
    • @@ -390,6 +446,29 @@

    Display a CLI-friendly output summurizing all normalization forms.

     + + + +
  • + + + #display_replace ⇒ Object + + + + + + + + + + + + + +

    Display a CLI-friendly output of the XSS payload to bypass HTML escape and what it does once normalized in NFKC & NFKD.

    +
     +
    • @@ -415,6 +494,29 @@

    Generate all normilzation forms for a given input.

     + + + +
  • + + + #replace_bypass ⇒ Object + + + + + + + + + + + + + +

    Instance version of Normalization.replace_bypass.

    +
     +
    • @@ -468,16 +570,16 @@ 

     
 
-31
-32
-33
-34
-35
-36
-37
    +41 +42 +43 +44 +45 +46 +47 - 
    # File 'lib/unisec/normalization.rb', line 31
+      
    # File 'lib/unisec/normalization.rb', line 41
 
 def initialize(str)
   @original = str
@@ -540,12 +642,12 @@ 
    
       
     
 
-14
-15
-16
    
+24
+25
+26
    
     
     
-      
    # File 'lib/unisec/normalization.rb', line 14
+      
    # File 'lib/unisec/normalization.rb', line 24
 
 def nfc
   @nfc
@@ -599,12 +701,12 @@ 
    
       
     
 
-22
-23
-24
    
+32
+33
+34
    
     
     
-      
    # File 'lib/unisec/normalization.rb', line 22
+      
    # File 'lib/unisec/normalization.rb', line 32
 
 def nfd
   @nfd
@@ -658,12 +760,12 @@ 
    
       
     
 
-18
-19
-20
    
+28
+29
+30
    
     
     
-      
    # File 'lib/unisec/normalization.rb', line 18
+      
    # File 'lib/unisec/normalization.rb', line 28
 
 def nfkc
   @nfkc
@@ -717,12 +819,12 @@ 
    
       
     
 
-26
-27
-28
    
+36
+37
+38
    
     
     
-      
    # File 'lib/unisec/normalization.rb', line 26
+      
    # File 'lib/unisec/normalization.rb', line 36
 
 def nfkd
   @nfkd
@@ -776,12 +878,12 @@ 
    
       
     
 
-10
-11
-12
    
+20
+21
+22
    
     
     
-      
    # File 'lib/unisec/normalization.rb', line 10
+      
    # File 'lib/unisec/normalization.rb', line 20
 
 def original
   @original
@@ -859,12 +961,12 @@ 
    
       
     
 
-42
-43
-44
    
+52
+53
+54
    
     
     
-      
    # File 'lib/unisec/normalization.rb', line 42
+      
    # File 'lib/unisec/normalization.rb', line 52
 
 def self.nfc(str)
   str.unicode_normalize(:nfc)
@@ -935,12 +1037,12 @@ 
    
       
     
 
-56
-57
-58
    
+66
+67
+68
    
     
     
-      
    # File 'lib/unisec/normalization.rb', line 56
+      
    # File 'lib/unisec/normalization.rb', line 66
 
 def self.nfd(str)
   str.unicode_normalize(:nfd)
@@ -1011,12 +1113,12 @@ 
    
       
     
 
-49
-50
-51
    
+59
+60
+61
    
     
     
-      
    # File 'lib/unisec/normalization.rb', line 49
+      
    # File 'lib/unisec/normalization.rb', line 59
 
 def self.nfkc(str)
   str.unicode_normalize(:nfkc)
@@ -1087,12 +1189,12 @@ 
    
       
     
 
-63
-64
-65
    
+73
+74
+75
    
     
     
-      
    # File 'lib/unisec/normalization.rb', line 63
+      
    # File 'lib/unisec/normalization.rb', line 73
 
 def self.nfkd(str)
   str.unicode_normalize(:nfkd)
@@ -1100,6 +1202,93 @@ 
    
     
   
 
+
+    
+      
    
+  
    
+  
+    .replace_bypass(str)  ⇒ String 
+  
+
+  
+
+  
+
    
+  
    
+    
    Replace HTML escapable characters with their Unicode counterparts that will
+cast to themself after applying normalization forms using compatibility mode.
+Usefull for XSS, to bypass HTML escape.
+If several values are possible, one is picked randomly.
    
+
+
+  
    
+
    
+
    
+  
    Parameters:
    
+
      
+  
+    
    • 
+      
+        str
+      
+      
+        (String)
+      
+      
+      
+        —
+        
      the target string
      
+
      
+      
+    
      • 
+  
+
    
+
+
    Returns:
    
+
      
+  
+    
    • 
+      
+      
+        (String)
+      
+      
+      
+        —
+        
      escaped input
      
+
      
+      
+    
      • 
+  
+
    
+
+
    
+  
+    
+    
+  
+
    
+      
    +
+
+83
+84
+85
+86
+87
+88
+89
    
+        		
+      
    # File 'lib/unisec/normalization.rb', line 83
+
+def self.replace_bypass(str)
+  str = str.dup
+  HTML_ESCAPE_BYPASS.each do |k, v|
+    str.gsub!(k, v.sample)
+  end
+  str
+end
    
+    
    
 
    
     
   
@@ -1169,20 +1358,20 @@ 
    
       
     
 
-82
-83
-84
-85
-86
-87
-88
-89
-90
-91
-92
    
+111
+112
+113
+114
+115
+116
+117
+118
+119
+120
+121
    
     
     
-      
    # File 'lib/unisec/normalization.rb', line 82
+      
    # File 'lib/unisec/normalization.rb', line 111
 
 def display
   colorize = lambda { |form_title, form_attr|
@@ -1198,6 +1387,103 @@ 
    
     
   
 
+
+    
+      
    
+  
    
+  
+    #display_replaceObject 
+  
+
+  
+
+  
+
    
+  
    
+    
    Display a CLI-friendly output of the XSS payload to bypass HTML escape and
+what it does once normalized in NFKC & NFKD.
    
+
+
+  
    
+
    
+
    
+  
+
+
    
+  
+    
+    
+  
+
    
+      
    +
+
+125
+126
+127
+128
+129
+130
+131
+132
+133
+134
+135
    
+        		
+      
    # File 'lib/unisec/normalization.rb', line 125
+
+def display_replace
+  colorize = lambda { |form_title, form_attr|
+    "#{Paint[form_title.to_s, :underline,
+             :bold]}: #{form_attr}\n  #{Paint[Unisec::Properties.chars2codepoints(form_attr), :red]}\n"
+  }
+  payload = replace_bypass
+  colorize.call('Original', @original) +
+    colorize.call('Bypass payload', payload) +
+    colorize.call('NFKC', Normalization.nfkc(payload)) +
+    colorize.call('NFKD', Normalization.nfkd(payload))
+end
    
+    
    
+
    
+    
+      
    
+  
    
+  
+    #replace_bypassObject 
+  
+
+  
+
+  
+
    
+  
    
+    
    Instance version of replace_bypass.
    
+
+
+  
    
+
    
+
    
+  
+
+
    
+  
+    
+    
+  
+
    
+      
    +
+
+92
+93
+94
    
+        		
+      
    # File 'lib/unisec/normalization.rb', line 92
+
+def replace_bypass
+  Normalization.replace_bypass(@original)
+end
    
+    
    
 
    
     
   
@@ -1205,9 +1491,9 @@ 
    
 
 
       
 
     
diff --git a/docs/yard/Unisec/Properties.html b/docs/yard/Unisec/Properties.html
index 5982136..d7a0497 100644
--- a/docs/yard/Unisec/Properties.html
+++ b/docs/yard/Unisec/Properties.html
@@ -6,7 +6,7 @@
 
   Class: Unisec::Properties
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -1140,9 +1140,9 @@ 
    
 
 
       
 
     
diff --git a/docs/yard/Unisec/Rugrep.html b/docs/yard/Unisec/Rugrep.html
index c31f131..1e4f757 100644
--- a/docs/yard/Unisec/Rugrep.html
+++ b/docs/yard/Unisec/Rugrep.html
@@ -6,7 +6,7 @@
 
   Class: Unisec::Rugrep
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -731,9 +731,9 @@ 
    
 
 
       
 
     
diff --git a/docs/yard/Unisec/Size.html b/docs/yard/Unisec/Size.html
index 2520437..54428b3 100644
--- a/docs/yard/Unisec/Size.html
+++ b/docs/yard/Unisec/Size.html
@@ -6,7 +6,7 @@
 
   Class: Unisec::Size
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -1966,9 +1966,9 @@ 
    
 
 
       
 
     
diff --git a/docs/yard/Unisec/Surrogates.html b/docs/yard/Unisec/Surrogates.html
index 3da1774..611d4b5 100644
--- a/docs/yard/Unisec/Surrogates.html
+++ b/docs/yard/Unisec/Surrogates.html
@@ -6,7 +6,7 @@
 
   Class: Unisec::Surrogates
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -1246,9 +1246,9 @@ 
    
 
 
       
 
     
diff --git a/docs/yard/Unisec/Utils.html b/docs/yard/Unisec/Utils.html
index 139725d..f2050ec 100644
--- a/docs/yard/Unisec/Utils.html
+++ b/docs/yard/Unisec/Utils.html
@@ -6,7 +6,7 @@
 
   Module: Unisec::Utils
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -115,9 +115,9 @@ 
    Overview
    
 
    
 
       
 
     
diff --git a/docs/yard/Unisec/Utils/String.html b/docs/yard/Unisec/Utils/String.html
index 9378961..f4de74e 100644
--- a/docs/yard/Unisec/Utils/String.html
+++ b/docs/yard/Unisec/Utils/String.html
@@ -6,7 +6,7 @@
 
   Module: Unisec::Utils::String
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -613,9 +613,9 @@ 
    
 
 
       
 
     
diff --git a/docs/yard/Unisec/Versions.html b/docs/yard/Unisec/Versions.html
index bcafea7..beb39b6 100644
--- a/docs/yard/Unisec/Versions.html
+++ b/docs/yard/Unisec/Versions.html
@@ -6,7 +6,7 @@
 
   Class: Unisec::Versions
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -416,9 +416,9 @@ 
    
 
 
       
 
     
diff --git a/docs/yard/_index.html b/docs/yard/_index.html
index c7b133f..2c9c959 100644
--- a/docs/yard/_index.html
+++ b/docs/yard/_index.html
@@ -4,7 +4,7 @@
     
 
 
-  Documentation by YARD 0.9.34
+  Documentation by YARD 0.9.36
   
 
 
@@ -52,7 +52,7 @@
         
    
       
 
-      
    Documentation by YARD 0.9.34
    
+      
    Documentation by YARD 0.9.36
    
 
    
   
    Alphabetic Index
    
   
@@ -100,6 +100,21 @@ 
    Namespace Listing A-Z
    
     
       
         
+        
      
+          
    • A
      • 
+          
        
+            
+              
      • 
+                All
+                
+                  (Unisec::CLI::Commands::Normalize)
+                
+              
        • 
+            
+          
      
+        
    
+      
+        
         
      
           
    • B
      • 
           
        
@@ -237,6 +252,9 @@ 
        Namespace Listing A-Z
        
         
      
       
         
+          
+          
+        
         
        
           
      • L
        • 
           
          
@@ -259,9 +277,6 @@ 
          Namespace Listing A-Z
          
         
        
       
         
-          
-          
-        
         
          
           
        • N
          • 
           
            
@@ -274,7 +289,7 @@ 
            Namespace Listing A-Z
            
               
             
               
          • 
-                Normalize
+                Normalize
                 
                   (Unisec::CLI::Commands)
                 
@@ -317,6 +332,13 @@ 
            Namespace Listing A-Z
            
                 
               
            • 
             
+              
          • 
+                Replace
+                
+                  (Unisec::CLI::Commands::Normalize)
+                
+              
            • 
+            
               
          • 
                 Rugrep
                 
@@ -450,9 +472,9 @@ 
            Namespace Listing A-Z
            
 
    
 
       
 
     
    
diff --git a/docs/yard/class_list.html b/docs/yard/class_list.html
index 64ac492..50ab21b 100644
--- a/docs/yard/class_list.html
+++ b/docs/yard/class_list.html
@@ -43,7 +43,7 @@ 
    Class List
    
 
       
     
    
diff --git a/docs/yard/file.CHANGELOG.html b/docs/yard/file.CHANGELOG.html
index 497ef64..41c1713 100644
--- a/docs/yard/file.CHANGELOG.html
+++ b/docs/yard/file.CHANGELOG.html
@@ -6,7 +6,7 @@
 
   File: CHANGELOG
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -58,6 +58,17 @@
       
 
       
    [unreleased]
    
+
    [0.0.6]
    
+
    Features
    
+
      
+
    • Prepare a XSS payload for HTML escape bypass (HTML escape followed by NFKC / NFKD normalization)
+
        
+
      • Rename CLI command normalize into normalize all
        • 
+
      • Add a new method replace_bypass in the class Unisec::Normalization
        • 
+
      • Add a new CLI command normalize replace (using the new replace_bypass method)
        • 
+
      
+
      • 
+
    
 
    [0.0.5]
    
 
    Features
    
 
      
@@ -103,9 +114,9 @@ 
      [0.0.1]
      
 
    
 
       
 
     
diff --git a/docs/yard/file.LICENSE.html b/docs/yard/file.LICENSE.html
index 50c0684..0e696a9 100644
--- a/docs/yard/file.LICENSE.html
+++ b/docs/yard/file.LICENSE.html
@@ -6,7 +6,7 @@
 
   File: LICENSE
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -77,9 +77,9 @@
 
 
       
 
     
diff --git a/docs/yard/file.README.html b/docs/yard/file.README.html
index b333586..897aa58 100644
--- a/docs/yard/file.README.html
+++ b/docs/yard/file.README.html
@@ -6,7 +6,7 @@
 
   File: README
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -90,7 +90,7 @@ 
    Features
    
 
 
  • Normalization
 
      
-
    • NFC, NFKC, NFD, NFKD normalization forms
      • 
+
    • NFC, NFKC, NFD, NFKD normalization forms, HTML escape bypass for XSS
      • 
 
    
 
    • 
 
  • Properties
@@ -135,9 +135,9 @@ 
    Author
    
 
 
       
 
     
diff --git a/docs/yard/file.about.html b/docs/yard/file.about.html
index 51d71e3..d98e0d7 100644
--- a/docs/yard/file.about.html
+++ b/docs/yard/file.about.html
@@ -6,7 +6,7 @@
 
   File: about
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -67,9 +67,9 @@ 
    User documentation
    
 
 
       
 
     
diff --git a/docs/yard/file.documentation.html b/docs/yard/file.documentation.html
index 2849190..1917ad2 100644
--- a/docs/yard/file.documentation.html
+++ b/docs/yard/file.documentation.html
@@ -6,7 +6,7 @@
 
   File: documentation
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -76,9 +76,9 @@ 
    Build & serve locally
    
 
 
       
 
     
diff --git a/docs/yard/file.install.html b/docs/yard/file.install.html
index 4003388..aa5de63 100644
--- a/docs/yard/file.install.html
+++ b/docs/yard/file.install.html
@@ -6,7 +6,7 @@
 
   File: install
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -111,9 +111,9 @@ 
    No install
    
 
 
       
 
     
diff --git a/docs/yard/file.publishing.html b/docs/yard/file.publishing.html
index a080939..f720b97 100644
--- a/docs/yard/file.publishing.html
+++ b/docs/yard/file.publishing.html
@@ -6,7 +6,7 @@
 
   File: publishing
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -65,6 +65,12 @@
 
    $ bundle exec rubocop
 
    
 
    Update the version in lib/unisec/version.rb.
    
+
    Update the documentation, at least:
    
+
      
+
    • README.md
      • 
+
    • docs/CHANGELOG.md
      • 
+
    • docs/pages/usage.md
      • 
+
    
 
    On new release don't forget to rebuild the library documentation:
    
 
    $ bundle exec yard doc
 
    
@@ -85,9 +91,9 @@
 
 
       
 
     
diff --git a/docs/yard/file.quick-start.html b/docs/yard/file.quick-start.html
index 555d6af..e8ba22e 100644
--- a/docs/yard/file.quick-start.html
+++ b/docs/yard/file.quick-start.html
@@ -6,7 +6,7 @@
 
   File: quick-start
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -78,9 +78,9 @@ 
    Default usage: library
    
 
 
       
 
     
diff --git a/docs/yard/file.usage.html b/docs/yard/file.usage.html
index 40d631d..33baf30 100644
--- a/docs/yard/file.usage.html
+++ b/docs/yard/file.usage.html
@@ -6,7 +6,7 @@
 
   File: usage
   
-    — Documentation by YARD 0.9.34
+    — Documentation by YARD 0.9.36
   
 
 
@@ -111,7 +111,12 @@ 
    Examples
    
 
    • 
 
  • Grep
    • 
 
  • Hexdump
    • 
-
  • Normalize
    • 
+
  • Normalize
+
+
    • 
 
  • Properties
 
      
 
    • Char
      • 
@@ -145,9 +150,9 @@ 
      Library
      
 
 
       
 
     
diff --git a/docs/yard/frames.html b/docs/yard/frames.html
index 4f918f5..53734c2 100644
--- a/docs/yard/frames.html
+++ b/docs/yard/frames.html
@@ -2,13 +2,18 @@
 
 
   
-	Documentation by YARD 0.9.34
+	Documentation by YARD 0.9.36