XEP template: add `<cve>` element for security vulnerabilities

This commit is contained in:
Georg Lukas 2021-04-07 18:59:10 +02:00
parent 99afa86c07
commit 8056721f8e
5 changed files with 53 additions and 6 deletions

View File

@ -109,6 +109,8 @@
<query xmlns='http://jabber.org/protocol/disco#items'/>
</iq>
]]></example>
<cve id="2017-5589" url="https://rt-solutions.de/en/cve-2017-5589_xmpp_carbons/">Name of a CVE relevant to the XEP</cve>
<cve id="2017-5589">Another CVE with no primary source</cve>
<section3 topic='3rd Level Heading' anchor='syling-examples-3rd'>
<p>Text in a Sub-Sub-Section.</p>
<section4 topic='4th Level Heading' anchor='syling-examples-4th'>

16
xep.dtd
View File

@ -68,27 +68,27 @@ THE SOFTWARE.
<!ELEMENT initials (#PCDATA)* >
<!ELEMENT remark (#PCDATA | p | ul)* >
<!ELEMENT councilnote (#PCDATA)* >
<!ELEMENT section1 ( div | p | section2 | example | code | ul | ol | dl | table )* >
<!ELEMENT section1 ( div | p | section2 | example | code | cve | ul | ol | dl | table )* >
<!ATTLIST section1
topic CDATA ''
anchor CDATA '' >
<!ELEMENT section2 ( div | p | section3 | example | code | ul | ol | dl | table )* >
<!ELEMENT section2 ( div | p | section3 | example | code | cve | ul | ol | dl | table )* >
<!ATTLIST section2
topic CDATA ''
anchor CDATA '' >
<!ELEMENT section3 ( div | p | section4 | example | code | ul | ol | dl | table )* >
<!ELEMENT section3 ( div | p | section4 | example | code | cve | ul | ol | dl | table )* >
<!ATTLIST section3
topic CDATA ''
anchor CDATA '' >
<!ELEMENT section4 ( div | p | section5 | example | code | ul | ol | dl | table )* >
<!ELEMENT section4 ( div | p | section5 | example | code | cve | ul | ol | dl | table )* >
<!ATTLIST section4
topic CDATA ''
anchor CDATA '' >
<!ELEMENT section5 ( div | p | example | code | ul | ol | dl | table )* >
<!ELEMENT section5 ( div | p | example | code | cve | ul | ol | dl | table )* >
<!ATTLIST section5
topic CDATA ''
anchor CDATA '' >
<!ELEMENT div ( #PCDATA | div | p | example | code | ul | ol | dl | table | blockquote )* >
<!ELEMENT div ( #PCDATA | div | p | example | code | cve | ul | ol | dl | table | blockquote )* >
<!ATTLIST div
class CDATA ''
style CDATA '' >
@ -130,6 +130,10 @@ THE SOFTWARE.
<!ATTLIST example caption CDATA '' >
<!ELEMENT code (#PCDATA | span | em | strong)* >
<!ATTLIST code caption CDATA '' >
<!ELEMENT cve (#PCDATA)* >
<!ATTLIST cve
id CDATA ''
url CDATA '' >
<!ELEMENT table (tr)* >
<!ATTLIST table caption CDATA '' >
<!ELEMENT tr ( th | td )* >

16
xep.xsd
View File

@ -209,6 +209,7 @@ THE SOFTWARE.
<xs:complexType>
<xs:choice maxOccurs='unbounded'>
<xs:element ref='code' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='cve' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='div' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='dl' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='example' minOccurs='0' maxOccurs='unbounded'/>
@ -227,6 +228,7 @@ THE SOFTWARE.
<xs:complexType>
<xs:choice maxOccurs='unbounded'>
<xs:element ref='code' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='cve' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='div' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='dl' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='example' minOccurs='0' maxOccurs='unbounded'/>
@ -245,6 +247,7 @@ THE SOFTWARE.
<xs:complexType>
<xs:choice maxOccurs='unbounded'>
<xs:element ref='code' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='cve' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='div' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='dl' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='example' minOccurs='0' maxOccurs='unbounded'/>
@ -263,6 +266,7 @@ THE SOFTWARE.
<xs:complexType>
<xs:choice maxOccurs='unbounded'>
<xs:element ref='code' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='cve' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='div' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='dl' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='example' minOccurs='0' maxOccurs='unbounded'/>
@ -283,6 +287,7 @@ THE SOFTWARE.
<xs:element ref='p' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='example' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='code' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='cve' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='ul' minOccurs='0' maxOccurs='unbounded'/>
<xs:element ref='ol' minOccurs='0' maxOccurs='unbounded'/>
</xs:choice>
@ -379,6 +384,17 @@ THE SOFTWARE.
</xs:complexType>
</xs:element>
<xs:element name='cve'>
<xs:complexType>
<xs:simpleContent>
<xs:extension base='xs:string'>
<xs:attribute name='id' use='required'/>
<xs:attribute name='url' use='optional'/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
<xs:element name='table'>
<xs:complexType>
<xs:sequence>

20
xep.xsl
View File

@ -1015,6 +1015,26 @@ content: "XEP-<xsl:value-of select='/xep/header/number'/>";
</figure>
</xsl:template>
<xsl:template match='cve'>
<figure class='cve'>
<figcaption>CVE-<xsl:value-of select='@id'/>
(<a><xsl:attribute name='href'>https://nvd.nist.gov/vuln/detail/CVE-<xsl:value-of select='@id'/></xsl:attribute>NIST</a>,
<a><xsl:attribute name='href'>https://cve.mitre.org/cgi-bin/cvename.cgi?name=<xsl:value-of select='@id'/></xsl:attribute>Mitre</a>)
</figcaption>
<xsl:choose>
<xsl:when test="@url != ''">
<a>
<xsl:attribute name='href'><xsl:value-of select='@url'/></xsl:attribute>
<xsl:apply-templates/>
</a>
</xsl:when>
<xsl:otherwise>
<xsl:apply-templates/>
</xsl:otherwise>
</xsl:choose>
</figure>
</xsl:template>
<xsl:template match='img'>
<img>
<xsl:attribute name='alt'><xsl:value-of select='@alt'/></xsl:attribute>

View File

@ -1290,6 +1290,11 @@
padding: 1.5em;
border: 1px solid rgba(19, 181, 234, 1.0);
}
figure.cve {
padding: 1.5em;
background-color: rgba(255, 220, 220, 1.0);
border: 5px solid rgba(180, 0, 0, 1.0);
}
figure > figcaption {
margin-bottom: 0.5em;