From e0f37b5933a864cf4c9ece4a1bc9c8bd5b6c1b12 Mon Sep 17 00:00:00 2001 From: Jimmy Chan Date: Fri, 28 Mar 2014 11:25:56 -0700 Subject: [PATCH] add support for npm and bower so folks can use the payload data programatically --- bower.json | 9 +++++++++ categories.js | 18 ++++++++++++++++-- items.js | 21 ++++++++++++++++++--- lib/index.js | 11 +++++++++++ package.json | 22 ++++++++++++++++++++++ payloads.js | 20 +++++++++++++++++--- 6 files changed, 93 insertions(+), 8 deletions(-) create mode 100644 bower.json create mode 100644 lib/index.js create mode 100644 package.json diff --git a/bower.json b/bower.json new file mode 100644 index 0000000..fc668f3 --- /dev/null +++ b/bower.json @@ -0,0 +1,9 @@ +{ + "name": "h5sc", + "version": "0.0.0", + "main": [ + "items.js", + "payloads.js", + "categories.js" + ] +} diff --git a/categories.js b/categories.js index 1b70c27..9df669b 100644 --- a/categories.js +++ b/categories.js @@ -1,6 +1,19 @@ /* Categories - the available categories */ -var categories = -{ +(function (root, factory) { + if (typeof define === 'function' && define.amd) { + // AMD. Register as an anonymous module. + define([], factory); + } else if (typeof exports === 'object') { + // Node. Does not work with strict CommonJS, but + // only CommonJS-like environments that support module.exports, + // like Node. + module.exports = factory(); + } else { + // Browser globals (root is window) + root.categories = factory(); + } +}(this, function () { +return { 'html5' : { 'en' : 'Vectors making use of HTML5 features', 'ja' : 'HTML5\u306e\u6a5f\u80fd\u3092\u4f7f\u3063\u305f\u624b\u6cd5', @@ -119,3 +132,4 @@ var categories = 'zh' : 'Clickjacking和UI Redressing的向量' } } +})); diff --git a/items.js b/items.js index 12302eb..7c7b62d 100644 --- a/items.js +++ b/items.js @@ -1,6 +1,20 @@ /* Items - the set of available items and vectors */ -var items = -[ + +(function (root, factory) { + if (typeof define === 'function' && define.amd) { + // AMD. Register as an anonymous module. + define([], factory); + } else if (typeof exports === 'object') { + // Node. Does not work with strict CommonJS, but + // only CommonJS-like environments that support module.exports, + // like Node. + module.exports = factory(); + } else { + // Browser globals (root is window) + root.items = factory(); + } +}(this, function () { +return [ { /* ID 1 - XSS via formaction - requiring user interaction (1) */ 'id' : 1, 'category' : 'html5', @@ -4857,4 +4871,5 @@ var items = 'tags' : ['html5', 'svg', 'from', 'inline', 'xss', 'passive'], 'reporter' : '.mario' } -] \ No newline at end of file +] +})); diff --git a/lib/index.js b/lib/index.js new file mode 100644 index 0000000..2cde779 --- /dev/null +++ b/lib/index.js @@ -0,0 +1,11 @@ +var items = require('../items'), + payloads = require('../payload'), + categories = require('../categories'); + +var h5sc = {}; + +h5sc.items = items; +h5sc.payloads = payloads; +h5sc.categories = categories; + +module.exports = h5sc; diff --git a/package.json b/package.json new file mode 100644 index 0000000..f57f6ef --- /dev/null +++ b/package.json @@ -0,0 +1,22 @@ +{ + "name": "H5SC", + "version": "0.0.0", + "description": "HTML5 Security Cheatsheet", + "main": "lib/index.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "repository": { + "type": "git", + "url": "git@github.com:cure53/H5SC.git" + }, + "keywords": [ + "security" + ], + "author": "cure53", + "license": "Mozilla Public License, version 2.0", + "bugs": { + "url": "https://github.com/cure53/H5SC/issues" + }, + "homepage": "https://github.com/cure53/H5SC" +} diff --git a/payloads.js b/payloads.js index 071f0e7..ce360e7 100644 --- a/payloads.js +++ b/payloads.js @@ -1,6 +1,19 @@ /* Payload - the generic payload templates */ -var payloads = -{ +(function (root, factory) { + if (typeof define === 'function' && define.amd) { + // AMD. Register as an anonymous module. + define([], factory); + } else if (typeof exports === 'object') { + // Node. Does not work with strict CommonJS, but + // only CommonJS-like environments that support module.exports, + // like Node. + module.exports = factory(); + } else { + // Browser globals (root is window) + root.payloads = factory(); + } +}(this, function () { +return { 'js_uri_alert' : 'javascript:alert(1)', 'js_uri_alert_2' : 'javascript:alert(2)', 'js_uri_alert_3' : 'javascript:alert(3)', @@ -33,4 +46,5 @@ var payloads = 'swf_path' : 'test.swf', 'jar_path' : 'test.jar', 'event_path' : 'event.php' -} \ No newline at end of file +} +}));