test: comprehensive content security tests (47 tests)

Covers all 4 defense layers:
- Datamarking: marker format, session consistency, text-only application
- Content envelope: wrapping, ZWSP marker escaping, filter warnings
- Content filter hooks: URL blocklist, custom filters, warn/block modes
- Instruction block: SECURITY section content, ordering, generation
- Centralized wrapping: source-level verification of integration
- Chain security: recursion guard, rate-limit exemption, activity suppression
- Hidden element stripping: 7 CSS techniques, ARIA injection, false positives
- Snapshot split format: scoped vs root output, resume integration

Also fixes: visibility:hidden detection, case-insensitive ARIA pattern matching.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Garry Tan
2026-04-05 11:25:19 -07:00
parent 5dd2491a2f
commit 11d74038c3
2 changed files with 466 additions and 1 deletions


@@ -126,6 +126,11 @@ export async function markHiddenElements(page: Page | Frame): Promise<string[]>
isHidden = true;
reason = 'clip hiding';
}
// Check visibility: hidden
else if (style.visibility === 'hidden') {
isHidden = true;
reason = 'visibility hidden';
}
if (isHidden) {
el.setAttribute('data-gstack-hidden', 'true');
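Review bot: the new `else if (style.visibility === 'hidden')` branch matches only the exact value `hidden`, so an element styled `visibility: collapse` is not marked even though its text is not rendered either. Suggest testing for both values, e.g. `style.visibility === 'hidden' || style.visibility === 'collapse'`, and adding a test case for it. Also note that `visibility` is inherited: if `style` is the computed style, every descendant of a hidden ancestor takes this branch and gets its own `data-gstack-hidden` attribute, so it is worth confirming that the reporting stays readable on a large hidden subtree, or marking only the outermost hidden element.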
@@ -143,7 +148,7 @@ export async function markHiddenElements(page: Page | Frame): Promise<string[]>
if (labelText) {
for (const pattern of ariaPatterns) {
if (new RegExp(pattern).test(labelText)) {
if (new RegExp(pattern, 'i').test(labelText)) {
el.setAttribute('data-gstack-hidden', 'true');
found.push(`[${el.tagName.toLowerCase()}] ARIA injection: "${labelText.slice(0, 60)}..."`);
break;
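Review bot: `new RegExp(pattern, 'i')` is built inside the `for (const pattern of ariaPatterns)` loop, so every pattern is recompiled for every element that has a label. Compile the list once before iterating over the elements, with the `i` flag applied there, and call `.test(labelText)` on the precompiled objects. That also makes it harder to drop the flag again at one call site, which is the regression this line fixes; a test with a mixed-case `aria-label` should pin the behaviour.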