search

Laplandia / owaspantisamy

Automatically exported from code.google.com/p/owaspantisamy
0 stars 0 forks source link

cannot pass inline css property #137

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
Hi,
I have got the same problem like here: 
http://stackoverflow.com/questions/10221145/antisamy-cannot-pass-inline-css-prop
erty. Defined shorthand-list for css font property doesn't allow for correct 
shortand property with slash:
p {font: italic small-caps bold .9em/1.1 arial,helvetica,sans-serif;}.

What steps will reproduce the problem?
1. Add property rule:
    <property name="font">  
      <literal-list>
        <literal value="x/y"/>
      </literal-list>
    </property>   
2. Try sanitize: <span style="font: x/y;"></span>

What is the expected output? 
<span style="font: x/y;"></span>
What do you see instead?
<span style=""></span>

The problem is that SAXParser (probably) removes slash during parsing html. 
However when we try with:
<span style="font: 'x/y';"></span>
The output will be correct:
<span style="font: x/y;"></span>

What version of the product are you using? On what operating system?
1.3 - 1.6

Please provide any additional information below.
<directive name="useXHTML" value="true"/>
<directive name="formatOutput" value="false"/>

Original issue reported on code.google.com by kamilben...@gmail.com on 27 Jun 2012 at 8:21

GoogleCodeExporter commented 9 years ago

Original comment by arshan.d...@gmail.com on 22 Oct 2012 at 2:29