torsten/trainingstagebuch
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

fix(clickTtHttpPageRoutes): improve inline confirm element handling and logging

Browse Source 
- Updated the regex for matching inline confirm elements to enhance accuracy in capturing onclick attributes.
- Improved logging to include the full onclick value during inline confirm inspections, aiding in debugging.
- Adjusted the output format for inline confirm elements in logs to JSON for better readability and traceability.
This commit is contained in:
Torsten Schulz (local)
2026-03-11 13:28:58 +01:00
parent de1382b57e
commit 139d169fcc
1 changed files with 18 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
backend/routes/clickTtHttpPageRoutes.js
View File

@@ -98,21 +98,25 @@ function summarizeFormBody(body) {
function summarizeInlineConfirmElements(html) {
if (!html || typeof html !== 'string') return [];
const matches = [];
const regex = /<(a|button|input|form)\b([^>]*?\bonclick\s*=\s*["'][^"']*confirm\([^"']*["'][^>]*?)>/gi;
const elementRegex = /<(a|button|input|form)\b([^>]*)>/gi;
let match;
while ((match = regex.exec(html)) !== null && matches.length < 10) {
while ((match = elementRegex.exec(html)) !== null && matches.length < 10) {
const tag = match[1];
const attrs = match[2] || '';
const onclickMatch = attrs.match(/\bonclick\s*=\s*["']([^"']*confirm\([^"']*)["']/i);
const valueMatch = attrs.match(/\bvalue\s*=\s*["']([^"']*)["']/i);
const hrefMatch = attrs.match(/\bhref\s*=\s*["']([^"']*)["']/i);
const nameMatch = attrs.match(/\bname\s*=\s*["']([^"']*)["']/i);
const onclickMatch = attrs.match(/\bonclick\s*=\s*(["'])([\s\S]*?)\1/i);
const onclick = onclickMatch?.[2] || null;
if (!onclick || !/confirm\s*\(/i.test(onclick)) {
continue;
}
const valueMatch = attrs.match(/\bvalue\s*=\s*(["'])([\s\S]*?)\1/i);
const hrefMatch = attrs.match(/\bhref\s*=\s*(["'])([\s\S]*?)\1/i);
const nameMatch = attrs.match(/\bname\s*=\s*(["'])([\s\S]*?)\1/i);
matches.push({
tag,
name: nameMatch?.[1] || null,
value: valueMatch?.[1] || null,
href: hrefMatch?.[1] || null,
onclick: onclickMatch?.[1] || null
name: nameMatch?.[2] || null,
value: valueMatch?.[2] || null,
href: hrefMatch?.[2] || null,
onclick
});
}
return matches;
@@ -342,10 +346,11 @@ function injectProxyNavigationScript(html, proxyBaseUrl, pageBaseUrl, sid) {
'function shouldAllowInlineConfirm(element){',
"var onclickValue=element&&element.getAttribute?element.getAttribute('onclick'):null;",
'if(!onclickValue)return true;',
"var match=onclickValue.match(/return\\s+confirm\\((['\"])([\\s\\S]*?)\\1\\)/i);",
"var match=onclickValue.match(/confirm\\((['\"])([\\s\\S]*?)\\1\\)/i);",
"try{console.log('[ClickTT Proxy] inline confirm inspect',{onclick:onclickValue,matched:!!match});}catch(e){}",
'if(!match)return true;',
'var confirmed=window.confirm(match[2]);',
"try{console.log('[ClickTT Proxy] inline confirm',{message:match[2],confirmed:confirmed});}catch(e){}",
"try{console.log('[ClickTT Proxy] inline confirm',{message:match[2],confirmed:confirmed,onclick:onclickValue});}catch(e){}",
'return confirmed;',
'}',
'function logInlineConfirmElements(){',
@@ -360,7 +365,7 @@ function injectProxyNavigationScript(html, proxyBaseUrl, pageBaseUrl, sid) {
"text:(el.textContent||'').trim().slice(0,120)",
'};',
'});',
"console.log('[ClickTT Proxy] inline confirm elements',elements);",
"console.log('[ClickTT Proxy] inline confirm elements json',JSON.stringify(elements));",
'}catch(e){}',
'}',
'function getSubmitTarget(form, submitter){',