2013년 11월 26일 화요일

EnhancedURLCheck

import java.io.*;
    import java.net.*;
    import javax.swing.text.*;
    import javax.swing.text.html.*;

    class EnhancedURLCheck {
      public static void main(String[] args) {
        HttpURLConnection.setFollowRedirects(false);
        EditorKit kit = new HTMLEditorKit();
        Document doc = kit.createDefaultDocument();

        // The Document class does not yet
        // handle charset's properly.
        doc.putProperty("IgnoreCharsetDirective",
          Boolean.TRUE);

        try {

          // Create a reader on the HTML content.
          Reader rd = getReader(args[0]);

          // Parse the HTML.
          kit.read(rd, doc, 0);

          // Iterate through the elements
          // of the HTML document.
          ElementIterator it = new ElementIterator(doc);
          javax.swing.text.Element elem;
          while ((elem = it.next()) != null) {
            SimpleAttributeSet s = (SimpleAttributeSet)
              elem.getAttributes().getAttribute(
                HTML.Tag.A);
            if (s != null) {
              validateHref(
                (String)s.getAttribute(
                  HTML.Attribute.HREF));
            }
          }
        } catch (Exception e) {
          e.printStackTrace();
        }
        System.exit(1);
      }
  
    // Returns a reader on the HTML data. If 'uri' begins
    // with "http:", it's treated as a URL; otherwise,
    // it's assumed to be a local filename.
      static Reader getReader(String uri)
        throws IOException {
        if (uri.startsWith("http:")) {

    // Retrieve from Internet.
          URLConnection conn =
            new URL(uri).openConnection();
          return new
            InputStreamReader(conn.getInputStream());
        } else {

    // Retrieve from file.
          return new FileReader(uri);
    }
  }

      private static void validateHref(String urlString) {
        if ((urlString != null) &&
         urlString.startsWith("http://")) {
          try {
            URL url = new URL(urlString);
            URLConnection connection =
              url.openConnection();
            if (connection instanceof HttpURLConnection) {
              HttpURLConnection httpConnection =
                (HttpURLConnection)connection;
              httpConnection.setRequestMethod("HEAD");
              httpConnection.connect();
              int response =
                httpConnection.getResponseCode();
              System.out.println("[" + response + "]" +
                urlString);
              String location =
                httpConnection.getHeaderField("Location");
              if (location != null) {
                System.out.println(
                  "Location: " + location);
              }
          System.out.println();
            }
          } catch (IOException e) {
            e.printStackTrace();
          }
        }
      }
    }

홈페이지 jQuery 라이브러리에서 CVE-2019-11358 취약점 패치 여부 확인 방법

현재 홈페이지에서 사용 중인 jQuery 라이브러리가 CVE-2019-11358 취약점 패치를 적용했는지 확인하는 방법은 다음과 같습니다. 1. jQuery 버전 확인 홈페이지 소스 코드를 확인하여 jQuery 라이브러리 버전을 직접 확인합니다. 웹 ...