Implementing SECRETS

2019-04-05 16:34:32 +02:00 · 2019-04-05 16:34:32 +02:00 · c1812e5506
commit c1812e5506
parent cadc0f4980
4 changed files with 36 additions and 2 deletions
--- a/xml/RELEASE_NOTES.md
+++ b/xml/RELEASE_NOTES.md
@ -4,7 +4,7 @@ RELEASE NOTES
 April 6th 2019
 --------------

-### Improved pie charts (groundhog edition)
+### Improved pie charts

 Pie charts now need a `@threshold`. This is used to determine which labels get thrown into the 'Other' bin. Useful for long reports with many, many findings of each a different type. Example: 

@ -16,6 +16,11 @@ This piechart for findings by type will lump all types that have a count below _

 __Note:__ To turn this off for a pie chart, set `@threshold` to 1.

+### Implementing secrets
+
+Your very own cold war style censoring mechanism! Censor blocks or inline text in your report by wrapping whatever you don't want visible in `<secret>` tags! Don't forget to add `secrets="hide"` to the `<pentest_report>` root element though, or your classified stuff will be out in the open for all to see!
+
+
 July 5th
 --------

--- a/xml/xslt/generate_report.xsl
+++ b/xml/xslt/generate_report.xsl
@ -20,6 +20,7 @@
    <xsl:import href="numbering.xslt"/>
    <xsl:import href="localisation.xslt"/>
    <xsl:import href="placeholders.xslt"/>
+    <xsl:import href="secrets.xslt"/>
    

    <xsl:output method="xml" version="1.0" encoding="UTF-8" indent="no"/>
--- a/xml/xslt/secrets.xslt
+++ b/xml/xslt/secrets.xslt
@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+    xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:fo="http://www.w3.org/1999/XSL/Format"
+    exclude-result-prefixes="xs" version="2.0">
+
+    <!-- black out anything you don't want seen -->
+    <xsl:template match="secret">
+        <xsl:if test="/pentest_report[@secrets = 'hide']">
+            <xsl:choose>
+                <xsl:when
+                    test="img | p | div | table | section | appendix | ol | ul | pre">
+                    <fo:block xsl:use-attribute-sets="censoredtext" >[ CENSORED ]</fo:block>
+                </xsl:when>
+                <xsl:otherwise>
+                    <fo:inline xsl:use-attribute-sets="censoredtext">[ CENSORED ]</fo:inline>
+                </xsl:otherwise>
+            </xsl:choose>
+        </xsl:if>
+    </xsl:template>
+
+</xsl:stylesheet>
--- a/xml/xslt/styles.xslt
+++ b/xml/xslt/styles.xslt
@ -63,7 +63,14 @@
        <xsl:attribute name="background-color">black</xsl:attribute>
        <xsl:attribute name="color"><xsl:value-of select="$color_moderate"/></xsl:attribute>
    </xsl:attribute-set>
-
+    <xsl:attribute-set name="censoredblock" use-attribute-sets="censoredtext">
+        <xsl:attribute name="padding">5mm</xsl:attribute>
+    </xsl:attribute-set>
+    <xsl:attribute-set name="censoredtext">
+        <xsl:attribute name="background-color">black</xsl:attribute>
+        <xsl:attribute name="color">white</xsl:attribute>
+        <xsl:attribute name="font-weight">bold</xsl:attribute>
+    </xsl:attribute-set>

    <xsl:attribute-set name="title">
        <xsl:attribute name="keep-with-next.within-page">always</xsl:attribute>