From 5e95ecaad0a533b6aae36361706e7a5028cd1841 Mon Sep 17 00:00:00 2001 From: Benny Powers Date: Wed, 3 May 2023 12:56:13 +0300 Subject: [PATCH] injections(html): event attributes (#4750) injections(html): inject javascript into event attributes Adds javascript injections to HTML `onevent` attributes. --- queries/html_tags/injections.scm | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/queries/html_tags/injections.scm b/queries/html_tags/injections.scm index e8926b6b8..9e02fc21b 100644 --- a/queries/html_tags/injections.scm +++ b/queries/html_tags/injections.scm @@ -66,3 +66,10 @@ (attribute_value) @regex ] (#eq? @_attr "pattern"))) )) + +; +(attribute + (attribute_name) @_name + (#lua-match? @_name "^on[a-z]+$") + (#offset! @javascript 0 1 0 -1) + (quoted_attribute_value) @javascript)