Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

FN: SingleFile rule #38

Open
IlluminatiFish opened this issue Aug 4, 2022 · 4 comments
Open

FN: SingleFile rule #38

IlluminatiFish opened this issue Aug 4, 2022 · 4 comments
Labels
bug Something isn't working enhancement New feature or request

Comments

@IlluminatiFish
Copy link
Collaborator

There appears to be a false negative on the SingleFile rule

Sample: https://urlscan.io/result/951ac6c6-455d-421a-96d7-42f6dfcb1744

<!DOCTYPE html> <html lang=en data-kantu=1 data-react-helmet=lang style><!--
 Page saved with SingleFile 
 url: https://metamask.io/buy-crypto/ 
 saved date: Wed Jul 20 2022 23:35:53 GMT+0100 (GMT+02:00)
@bradleyjkemp
Copy link
Member

Ah yes this is a bug in the IOK runner logic rather than the rule itself. Currently I'm implementing html|contains conditions using the urlscan.io DOM (e.g https://urlscan.io/result/951ac6c6-455d-421a-96d7-42f6dfcb1744/dom/) which actually has gone through some headless-Chrome sanitisation which removes the comment

I think it can be changed to be more like the JS/CSS implementation (i.e. based off the HTTP requests of a given content type)

@IlluminatiFish
Copy link
Collaborator Author

Ah yes this is a bug in the IOK runner logic rather than the rule itself. Currently I'm implementing html|contains conditions using the urlscan.io DOM (e.g https://urlscan.io/result/951ac6c6-455d-421a-96d7-42f6dfcb1744/dom/) which actually has gone through some headless-Chrome sanitisation which removes the comment

I think it can be changed to be more like the JS/CSS implementation (i.e. based off the HTTP requests of a given content type)

Ah, I thought so as the rule seemed absolutely fine to me.

@bradleyjkemp
Copy link
Member

I'll just leave this open as a reminder to actually implement the fix! 😅

@bradleyjkemp bradleyjkemp reopened this Aug 4, 2022
@bradleyjkemp bradleyjkemp mentioned this issue Aug 10, 2022
Merged
@bradleyjkemp
Copy link
Member

bradleyjkemp commented Aug 10, 2022
edited by IlluminatiFish
Loading

Rules to migrate (currently relying on this odd behavior):

  • indicators/santander-951d27d.yml

@IlluminatiFish IlluminatiFish added bug Something isn't working enhancement New feature or request labels Feb 5, 2023
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
bug Something isn't working enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bradleyjkemp @IlluminatiFish