From 6bc6069d6bcf566ba386931fada68a6f944cae50 Mon Sep 17 00:00:00 2001
From: S Riemersma
Date: Mon, 19 Sep 2022 14:08:59 +0200
Subject: [PATCH] add multiple policy checks
---
 decode.go | 7 +++++--
 stream.go | 9 ++++++++-
 2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/decode.go b/decode.go
index 48fe6f1..200853f 100644
--- a/decode.go
+++ b/decode.go
@@ -86,14 +86,13 @@ import (
 //
 // The JSON null value unmarshals into an interface, map, pointer, or slice
 // by setting that Go value to nil. Because null is often used in JSON to mean
-// ``not present,'' unmarshaling a JSON null into any other Go type has no effect
+// “not present,” unmarshaling a JSON null into any other Go type has no effect
 // on the value and produces no error.
 //
 // When unmarshaling quoted strings, invalid UTF-8 or
 // invalid UTF-16 surrogate pairs are not treated as an error.
 // Instead, they are replaced by the Unicode replacement
 // character U+FFFD.
-//
 func Unmarshal(data []byte, v interface{}) error {
 // Check for well-formedness.
 // Avoids filling out half a data structure
@@ -1210,6 +1209,10 @@ func (d *decodeState) literalInterface() interface{} {
 if !ok {
 panic(phasePanicMsg)
 }
+
+ if d.useBlueMonday { s = d.blueMonday.Sanitize(s)
+ }
 return s
 default: // number
diff --git a/stream.go b/stream.go
index 052b98e..2739da5 100644
--- a/stream.go
+++ b/stream.go
@@ -77,6 +77,14 @@ func (dec *Decoder) UseBlueMonday() *Decoder {
 return dec
 }
+// UseBlueMonday causes the Decoder to unmarshal a string literal and escape
+// any XSS using the blue monday package
+func (dec *Decoder) WithPolicy(policy *bluemonday.Policy) *Decoder {
+ dec.d.useBlueMonday = true
+ dec.d.blueMonday = policy
+ return dec
+}
+
 // UseIgnoreEmpty causes the Decoder to ignore empty objects in json.
 func (dec *Decoder) IgnoreEmptyObject() { dec.d.ignoreEmpty = true }
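Review bot: The new `d.blueMonday.Sanitize(s)` call in literalInterface dereferences the policy whenever `d.useBlueMonday` is set, and the WithPolicy method added in the stream.go hunk stores whatever pointer it is given, so `WithPolicy(nil)` turns into a nil-pointer panic on the first string literal decoded. Either guard the call here with `if d.useBlueMonday && d.blueMonday != nil {` or reject a nil policy in WithPolicy with `if policy == nil { return dec }` before the assignments. Only the interface{} string path is changed in this hunk; unless the typed-string case (literalStore, outside this diff) applies the same policy, strings decoded into `string` struct fields and map keys would bypass the sanitizer, which is worth confirming before relying on the flag as a security control. The body of literalInterface starts and continues outside the hunk.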
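Review bot: The doc comment on the new WithPolicy method still begins with `UseBlueMonday`, so godoc and the usual lint checks will attach the wrong name to it; change the first line to `// WithPolicy enables sanitization of decoded string literals with the given bluemonday policy.` The second line's claim that the Decoder will "escape any XSS" overstates what the code does: it only passes each decoded string literal through the policy's Sanitize method, and the comment should say that, so callers understand the guarantee comes from the policy they supply. The nil-policy handling for this method is raised in the decode.go review above.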
@@ -331,7 +339,6 @@ var _ Unmarshaler = (*RawMessage)(nil) // Number, for JSON numbers // string, for JSON string literals // nil, for JSON null -// type Token interface{} const (