選択ウィジェットのホワイトリスト
ブログ、Wiki、HTML テキスト領域のウィジェット、およびリストとグリッドの HTML レンダラーに対し、ThingWorx 8.4.1 のセキュリティが強化されました。これらの更新により、新しいコンフィギュレーション可能な Google からの Caja ライブラリが作成され、これらのウィジェットとレンダラーで使用できる HTML エレメントと属性のホワイトリストを指定できます。参考までに、ホワイトリストを以下にリストします。また、Google からも入手できます。なお、以下の「denied」の各エントリには除外理由が記載されているため、ホワイトリストをカスタマイズして denied 側のエレメントや属性を allowed 側に移す場合は、そこに記載されたリスク (スクリプト実行、ページ位置の変更など) が再び有効になる点に注意してください。また、allowed 側には ON* イベントハンドラ属性や *::STYLE、A::HREF、IFRAME::SRC などの属性も含まれていますが、これらの属性値がそのまま出力されるか、Caja 側で属性タイプに応じて書き換え・除去されるかは使用中のバージョンと設定に依存するため、許可リストに含まれていることだけで安全性を判断せず、実際の動作を確認してください。
エレメントのホワイトリスト
{
"description": [
"See http://code.google.com/p/google-caja/wiki/CajaWhitelists",
"The denied list is not necessary, but lets us document why they're denied."
],
"allowed": [
"A",
"ABBR",
"ACRONYM",
"ADDRESS",
"AREA",
"B",
"BDO",
"BIG",
"BLOCKQUOTE",
"BR",
"BUTTON",
"CAPTION",
"CENTER",
"CITE",
"CODE",
"COL",
"COLGROUP",
"DD",
"DEL",
"DFN",
"DIR",
"DIV",
"DL",
"DT",
"EM",
"FIELDSET",
"FONT",
"H1",
"H2",
"H3",
"H4",
"H5",
"H6",
"HR",
"I",
"IFRAME",
"IMG",
"INPUT",
"INS",
"KBD",
"LABEL",
"LEGEND",
"LI",
"MAP",
"MENU",
"OL",
"OPTGROUP",
"OPTION",
"P",
"PRE",
"Q",
"S",
"SAMP",
"SELECT",
"SMALL",
"SPAN",
"STRIKE",
"STRONG",
"SUB",
"SUP",
"TABLE",
"TBODY",
"TD",
"TEXTAREA",
"TFOOT",
"TH",
"THEAD",
"TR",
"TT",
"U",
"UL",
"VAR"
],
"denied": [
{ "key": "APPLET",
"reason": "disallow because allows scripting" },
{ "key": "BASE",
"reason":
"affects global state and could be used to redirect requests" },
{ "key": "BASEFONT",
"reason": "affects global state" },
{ "key": "BODY",
"reason": "a global level tag" },
{ "key": "FRAME",
"reason": "can be used to cause javascript execution" },
{ "key": "FRAMESET",
"reason": "only useful with banned elements" },
{ "key": "HEAD",
"reason": "a global level tag" },
{ "key": "HTML",
"reason": "a global level tag" },
{ "key": "ISINDEX",
"reason": "can be used to change page location" },
{ "key": "LINK",
"reason": "can be used to load other javascript, e.g. on print" },
{ "key": "META",
"reason": "can be used to cause page reloads" },
{ "key": "NOFRAMES",
"reason": "useless since frames can't be used" },
{ "key": "NOSCRIPT",
"reason": "useless since javascript must be loaded" },
{ "key": "OBJECT",
"reason": "allows scripting" },
{ "key": "PARAM",
"reason": "useless since applet and object banned" },
{ "key": "SCRIPT",
"reason": "allows execution of arbitrary script" },
{ "key": "STYLE",
"reason": "allows global definition of styles." },
{ "key": "TITLE",
"reason": "a global level tag" }
]
}
属性のホワイトリスト
{
"description":
"A whitelist of allowed attributes by element and attribute name.",
"allowed": [
"TD::ABBR",
"TH::ABBR",
"FORM::ACCEPT",
"INPUT::ACCEPT",
"A::ACCESSKEY",
"AREA::ACCESSKEY",
"BUTTON::ACCESSKEY",
"INPUT::ACCESSKEY",
"LABEL::ACCESSKEY",
"LEGEND::ACCESSKEY",
"TEXTAREA::ACCESSKEY",
"FORM::ACTION",
"CAPTION::ALIGN",
"IFRAME::ALIGN",
"IMG::ALIGN",
"INPUT::ALIGN",
"LEGEND::ALIGN",
"TABLE::ALIGN",
"HR::ALIGN",
"DIV::ALIGN",
"H1::ALIGN",
"H2::ALIGN",
"H3::ALIGN",
"H4::ALIGN",
"H5::ALIGN",
"H6::ALIGN",
"P::ALIGN",
"COL::ALIGN",
"COLGROUP::ALIGN",
"TBODY::ALIGN",
"TD::ALIGN",
"TFOOT::ALIGN",
"TH::ALIGN",
"THEAD::ALIGN",
"TR::ALIGN",
"BODY::ALINK",
"AREA::ALT",
"IMG::ALT",
"INPUT::ALT",
"TD::AXIS",
"TH::AXIS",
"BODY::BACKGROUND",
"TABLE::BGCOLOR",
"TR::BGCOLOR",
"TD::BGCOLOR",
"TH::BGCOLOR",
"BODY::BGCOLOR",
"TABLE::BORDER",
"IMG::BORDER",
"TABLE::CELLPADDING",
"TABLE::CELLSPACING",
"COL::CHAR",
"COLGROUP::CHAR",
"TBODY::CHAR",
"TD::CHAR",
"TFOOT::CHAR",
"TH::CHAR",
"THEAD::CHAR",
"TR::CHAR",
"COL::CHAROFF",
"COLGROUP::CHAROFF",
"TBODY::CHAROFF",
"TD::CHAROFF",
"TFOOT::CHAROFF",
"TH::CHAROFF",
"THEAD::CHAROFF",
"TR::CHAROFF",
"INPUT::CHECKED",
"BLOCKQUOTE::CITE",
"Q::CITE",
"DEL::CITE",
"INS::CITE",
"*::CLASS",
"BR::CLEAR",
"FONT::COLOR",
"TEXTAREA::COLS",
"TD::COLSPAN",
"TH::COLSPAN",
"DIR::COMPACT",
"DL::COMPACT",
"MENU::COMPACT",
"OL::COMPACT",
"UL::COMPACT",
"AREA::COORDS",
"A::COORDS",
"DEL::DATETIME",
"INS::DATETIME",
"*::DIR",
"BDO::DIR",
"BUTTON::DISABLED",
"INPUT::DISABLED",
"OPTGROUP::DISABLED",
"OPTION::DISABLED",
"SELECT::DISABLED",
"TEXTAREA::DISABLED",
"FORM::ENCTYPE",
"FONT::FACE",
"LABEL::FOR",
"TABLE::FRAME",
"IFRAME::FRAMEBORDER",
"TD::HEADERS",
"TH::HEADERS",
"IFRAME::HEIGHT",
"TD::HEIGHT",
"TH::HEIGHT",
"IMG::HEIGHT",
"A::HREF",
"AREA::HREF",
"A::HREFLANG",
"IMG::HSPACE",
"*::ID",
"IMG::ISMAP",
"INPUT::ISMAP",
"OPTION::LABEL",
"OPTGROUP::LABEL",
"*::LANG",
"BODY::LINK",
"IFRAME::MARGINHEIGHT",
"IFRAME::MARGINWIDTH",
"INPUT::MAXLENGTH",
"FORM::METHOD",
"SELECT::MULTIPLE",
"BUTTON::NAME",
"TEXTAREA::NAME",
"SELECT::NAME",
"FORM::NAME",
"FRAME::NAME",
"IMG::NAME",
"A::NAME",
"INPUT::NAME",
"MAP::NAME",
"AREA::NOHREF",
"HR::NOSHADE",
"TD::NOWRAP",
"TH::NOWRAP",
"A::ONBLUR",
"AREA::ONBLUR",
"BUTTON::ONBLUR",
"INPUT::ONBLUR",
"LABEL::ONBLUR",
"SELECT::ONBLUR",
"TEXTAREA::ONBLUR",
"INPUT::ONCHANGE",
"SELECT::ONCHANGE",
"TEXTAREA::ONCHANGE",
"*::ONCLICK",
"*::ONDBLCLICK",
"A::ONFOCUS",
"AREA::ONFOCUS",
"BUTTON::ONFOCUS",
"INPUT::ONFOCUS",
"LABEL::ONFOCUS",
"SELECT::ONFOCUS",
"TEXTAREA::ONFOCUS",
"*::ONKEYDOWN",
"*::ONKEYPRESS",
"*::ONKEYUP",
"BODY::ONLOAD",
"*::ONMOUSEDOWN",
"*::ONMOUSEMOVE",
"*::ONMOUSEOUT",
"*::ONMOUSEOVER",
"*::ONMOUSEUP",
"FORM::ONRESET",
"*::ONSCROLL",
"INPUT::ONSELECT",
"TEXTAREA::ONSELECT",
"FORM::ONSUBMIT",
"BODY::ONUNLOAD",
"TEXTAREA::READONLY",
"INPUT::READONLY",
"TEXTAREA::ROWS",
"TD::ROWSPAN",
"TH::ROWSPAN",
"TABLE::RULES",
"TD::SCOPE",
"TH::SCOPE",
"OPTION::SELECTED",
"AREA::SHAPE",
"A::SHAPE",
"HR::SIZE",
"FONT::SIZE",
"INPUT::SIZE",
"SELECT::SIZE",
"COL::SPAN",
"COLGROUP::SPAN",
"IFRAME::SRC",
"INPUT::SRC",
"IMG::SRC",
"OL::START",
"*::STYLE",
"TABLE::SUMMARY",
"*::TABINDEX",
"A::TARGET",
"AREA::TARGET",
"FORM::TARGET",
"BODY::TEXT",
"*::TITLE",
"A::TYPE",
"INPUT::TYPE",
"LI::TYPE",
"OL::TYPE",
"UL::TYPE",
"BUTTON::TYPE",
"IMG::USEMAP",
"INPUT::USEMAP",
"COL::VALIGN",
"COLGROUP::VALIGN",
"TBODY::VALIGN",
"TD::VALIGN",
"TFOOT::VALIGN",
"TH::VALIGN",
"THEAD::VALIGN",
"TR::VALIGN",
"INPUT::VALUE",
"OPTION::VALUE",
"BUTTON::VALUE",
"LI::VALUE",
"HTML::VERSION",
"BODY::VLINK",
"IMG::VSPACE",
"COL::WIDTH",
"COLGROUP::WIDTH",
"HR::WIDTH",
"IFRAME::WIDTH",
"IMG::WIDTH",
"PRE::WIDTH",
"TABLE::WIDTH",
"TD::WIDTH",
"TH::WIDTH"
],
"denied": [
{ "key": "FORM::ACCEPT-CHARSET",
"reason": [
"Per bug 585, this is an infrequently used and poorly",
"understood attribute that could lead to mismatched encoding",
"attacks. Could be used to sneak content through a proxy in a",
"wrong encoding?"
] },
{ "key": "A::CHARSET",
"reason": [
"Per bug 585: Charset is disallowed since it allows overriding",
"of Content-type headers. A server might specify UTF-8 via the",
"header Content-type:text/javascript;charset=UTF-8, but an",
"embedding page might cause that file to be interpreted as UTF-7.",
"According to http://www.w3schools.com/TAGS/att_a_charset.asp: ",
"The charset attribute is not supported in any of the major browsers."
] },
{ "key": "A::REL",
"reason": [
"Can make an assertion about the entire page.",
"TODO(kpreid): Allow filtering rels to include e.g. 'nofollow'"
] },
{ "key": "A::REV",
"reason": [
"Can make an assertion about the entire page.",
"TODO(kpreid): Allow filtering rels to include e.g. 'nofollow'"
] },
"LINK::CHARSET",
"SCRIPT::CHARSET",
{ "key": "IMG::LONGDESC",
"reason": "Not supported by any major browser" },
{ "key": "IFRAME::LONGDESC",
"reason": "Not supported by any major browser" }
],
"types": [
{ "key": "IFRAME::ID",
"type": "ID", "optional": true,
"reason": [
"We allow a restricted set of attributes on IFRAMEs to allow them ",
"to be used as shims to work around IE layout bugs.",
"But we do not allow either NAME or ID since those are not ",
"required for shims and affect publicly visible browser global ",
"state like the frame graph."
] }
]