lib/nexpose/vulnerability.rb in dradis-nexpose-4.8.0 vs lib/nexpose/vulnerability.rb in dradis-nexpose-4.9.0
- old
+ new
@@ -6,11 +6,11 @@
# the XML in attributes and nested tags.
#
# Instead of providing separate methods for each supported property we rely
# on Ruby's #method_missing to do most of the work.
class Vulnerability
- SSL_CIPHER_VULN_IDS = %w[ssl-anon-ciphers ssl-des-ciphers ssl-3des-ciphers ssl-export-ciphers ssl-null-ciphers ssl-only-weak-ciphers ssl-static-key-ciphers rc4-cve-2013-2566 ssl-cve-2016-2183-sweet32 tls-dhe-export-ciphers-cve-2015-4000].freeze
+ SSL_CIPHER_VULN_IDS = %w[ssl-anon-ciphers ssl-des-ciphers ssl-3des-ciphers ssl-export-ciphers ssl-null-ciphers ssl-only-weak-ciphers ssl-static-key-ciphers ssl-weak-message-authentication-code-algorithms rc4-cve-2013-2566 ssl-cve-2016-2183-sweet32 tls-dhe-export-ciphers-cve-2015-4000].freeze
# Accepts an XML node from Nokogiri::XML.
def initialize(xml_node)
@xml = xml_node
end
@@ -110,11 +110,17 @@
end
def cleanup_html(source)
result = source.to_s
result.gsub!(/<ContainerBlockElement>(.*?)<\/ContainerBlockElement>/m){|m| "#{ $1 }"}
- result.gsub!(/<Paragraph preformat=\"true\">(\s*)<Paragraph preformat=\"true\">(.*?)<\/Paragraph>(\s*)<\/Paragraph>/mi){|m| "\nbc. #{ $2 }\n\n"}
- result.gsub!(/<Paragraph preformat=\"true\">(.*?)<\/Paragraph>/mi){|m| "\nbc. #{ $1 }\n\n"}
+ result.gsub!(/<Paragraph preformat=\"true\">(\s*)<Paragraph preformat=\"true\">(.*?)<\/Paragraph>(\s*)<\/Paragraph>/mi) do
+ text = $2
+ text[/\n/] ? "\nbc.. #{ text }\n\np. " : "@#{text}@"
+ end
+ result.gsub!(/<Paragraph preformat=\"true\">(.*?)<\/Paragraph>/mi) do
+ text = $1
+ text[/\n/] ? "\nbc.. #{ text }\n\np. " : "@#{text}@"
+ end
result.gsub!(/<Paragraph>(.*?)<\/Paragraph>/m){|m| "#{ $1 }\n"}
result.gsub!(/<Paragraph>|<\/Paragraph>/, '')
result.gsub!(/<UnorderedList(.*?)>(.*?)<\/UnorderedList>/m){|m| "#{ $2 }"}
result.gsub!(/<OrderedList(.*?)>(.*?)<\/OrderedList>/m){|m| "#{ $2 }"}
result.gsub!(/<ListItem>|<\/ListItem>/, '')