This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Struts XSLT Viewer"
From OWASP
Dinis.cruz (talk | contribs) |
m (Moved page into the right category. See Java space page for me details. Content has not been reviewed in this edit.) |
||
| (3 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
| − | Here is a quick'n'dirty xslt transformations to quickly visualize Struts config files (very | + | Here is a quick'n'dirty xslt transformations to quickly visualize Struts config files (very useful on security audits) |
Dinis note: Java guys, please edit and link to the correct place | Dinis note: Java guys, please edit and link to the correct place | ||
| Line 174: | Line 174: | ||
</xsl:stylesheet> | </xsl:stylesheet> | ||
</pre> | </pre> | ||
| + | |||
| + | [[Category:Java]] | ||
Latest revision as of 21:52, 10 November 2017
Here is a quick'n'dirty xslt transformations to quickly visualize Struts config files (very useful on security audits)
Dinis note: Java guys, please edit and link to the correct place
sample_struts.xml
<?xml version="1.0" encoding="ISO-8859-1" ?> <?xml-stylesheet type="text/xsl" href="strutsBasicMapping.xslt"?> <!-- general USER mappings --> <struts-config> </struts-config>
strutsBasicMapping.xslt
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xsl:output version="1.0" encoding="utf-8" omit-xml-declaration="no" indent="no" media-type="text/html"/>
<xsl:template match="/struts-config">
<html>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<head>
<style>
body { font-family: Arial; font-size: 14 }
b { font-family: Arial;}
a { text-decoration: none}
i { font-family: verdana}
td { font-family: Arial; font-size: 11 }
li { font-family: Arial; font-size: 11 }
.td_small_font { font-family: Arial; font-size: 11 }
.td_LHS_Menu { font-family: Arial; font-size: 11; font-weight: bold; color: white; text-decoration: none}
.title { font-family: Arial; font-size: 22}
.smallItalic { font-family: verdana; font-size: 08; font-weight: normal;}
</style>
</head>
<body>
<h1>
<span style="font-family:@Arial Unicode MS; font-weight:bold; ">struts-config Basic Mappings</span>
</h1>
<br/>
<h2>Form Beans</h2>
<table border="1">
<tbody>
<tr bgcolor="navy">
<td>
<span style="color:#FFFFFF; font-family:@Arial Unicode MS; font-weight:bold; ">Form Bean name</span>
</td>
<td>
<span style="color:#FFFFFF; font-family:@Arial Unicode MS; font-weight:bold; ">Form Bean properties</span>
</td>
</tr>
<xsl:for-each select="form-beans/form-bean">
<tr>
<td valign="top">
<b><xsl:value-of select="@name"/></b>
</td>
<td>
<ul><xsl:for-each select="form-property">
<li>
<b><xsl:value-of select="@name"/></b>
: <xsl:value-of select="@type"/>
<xsl:if test="count(@initial)>0">
(initial = <xsl:value-of select="@initial"/>)
</xsl:if>
</li>
</xsl:for-each></ul>
</td>
</tr>
</xsl:for-each>
</tbody>
</table>
<br/>
<h2> global-forwards</h2>
<table border="1" width="100%">
<tbody>
<tr bgcolor="navy">
<td>
<span style="color:#FFFFFF; font-family:@Arial Unicode MS; font-weight:bold; ">name</span>
</td>
<td>
<span style="color:#FFFFFF; font-family:@Arial Unicode MS; font-weight:bold; ">path</span>
</td>
<td>
<span style="color:#FFFFFF; font-family:@Arial Unicode MS; font-weight:bold; ">redirect</span>
</td>
</tr>
<xsl:for-each select="global-forwards/forward">
<tr>
<td valign="top">
<b><xsl:value-of select="@name"/></b>
</td>
<td valign="top">
<xsl:value-of select="@path"/>
</td>
<td valign="top">
<xsl:value-of select="@redirect"/>
</td>
</tr>
</xsl:for-each>
</tbody>
</table>
<br/>
<h2>action-mappings</h2>
<table border="1">
<tbody>
<tr bgcolor="navy">
<td>
<span style="color:#FFFFFF; font-family:@Arial Unicode MS; font-weight:bold; ">path</span>
</td>
<td>
<span style="color:#FFFFFF; font-family:@Arial Unicode MS; font-weight:bold; ">name</span>
</td>
<td>
<span style="color:#FFFFFF; font-family:@Arial Unicode MS; font-weight:bold; ">validate</span>
</td>
<td>
<span style="color:#FFFFFF; font-family:@Arial Unicode MS; font-weight:bold; ">parameter</span>
</td>
<td>
<span style="color:#FFFFFF; font-family:@Arial Unicode MS; font-weight:bold; ">type</span>
</td>
<td>
<span style="color:#FFFFFF; font-family:@Arial Unicode MS; font-weight:bold; ">scope</span>
</td>
<td>
<span style="color:#FFFFFF; font-family:@Arial Unicode MS; font-weight:bold; ">Forward</span>
</td>
</tr>
<xsl:for-each select="action-mappings/action">
<tr>
<td valign="top">
<b><xsl:value-of select="@path"/></b>
</td>
<td valign="top">
<b><xsl:value-of select="@name"/></b>
</td>
<td valign="top">
<b><xsl:value-of select="@validate"/></b>
</td>
<td valign="top">
<b><xsl:value-of select="@parameter"/></b>
</td>
<td valign="top">
<b><xsl:value-of select="@type"/></b>
</td>
<td valign="top">
<b><xsl:value-of select="@scope"/></b>
</td>
<td>
<ul><xsl:for-each select="forward">
<li>
<b><xsl:value-of select="@name"/></b>
: <xsl:value-of select="@path"/> : <xsl:value-of select="@redirect"/>
</li>
</xsl:for-each></ul>
</td>
</tr>
</xsl:for-each>
</tbody>
</table>
</body>
</html>
</xsl:template>
</xsl:stylesheet>
