GHSL-2021-1013

nbconvert/filters/highlight.py

@@ -10,6 +10,7 @@
 # because errors should be raised at runtime if it's actually needed,
 # not import time, when it may not be needed.
 
+from html import escape
 from warnings import warn
 
 from traitlets import observe
@@ -67,7 +68,7 @@ def __call__(self, source, language=None, metadata=None):
         return _pygments_highlight(
             source if len(source) > 0 else " ",
             # needed to help post processors:
-            HtmlFormatter(cssclass=" highlight hl-" + language, **self.extra_formatter_options),
+            HtmlFormatter(cssclass=escape(f" highlight hl-{language}"), **self.extra_formatter_options),
             language,
             metadata,
         )

nbconvert/filters/tests/test_highlight.py

@@ -16,6 +16,8 @@
 
 import xml
 
+import pytest
+
 from ...tests.base import TestsBase
 from ..highlight import Highlight2HTML, Highlight2Latex
 
@@ -72,6 +74,11 @@ def test_parse_html_many_lang(self):
             root = xml.etree.ElementTree.fromstring(lang)
             self.assertEqual(self._extract_tokens(root, "k"), set(tkns))
 
+    @pytest.mark.filterwarnings("ignore")
+    def test_inject_html(self):
+        out = highlight2html(self.tests[0], 'ipython3-foo"><script>alert(1)</script>')
+        assert '<script>alert(1)</script>' not in out
+
     def _extract_tokens(self, root, cls):
         return set(map(lambda x: x.text, root.findall(".//*[@class='" + cls + "']")))
 

setup.py

@@ -237,6 +237,7 @@ def get_data_files():
 )
 
 setup_args["install_requires"] = [
+    "lxml",
     "beautifulsoup4",
     "bleach",
     "defusedxml",