What steps will reproduce the problem?
1. case 1
input html : <span style="font-family:'lucida console'">hello</span>
rule :
<property name="font-family" description="">
<category-list>
<category value="visual"/>
</category-list>
<!-- allowing only generic font families -->
<literal-list>
<literal value="'lucida console'"/>
</literal-list>
</property>
1. case 2
input html : <span style="font-family:'lucida console'">hello</span>
rule :
<property name="font-family" description="">
<category-list>
<category value="visual"/>
</category-list>
<!-- allowing only generic font families -->
<literal-list>
<literal value=""lucida console""/>
</literal-list>
</property>
What is the expected output? What do you see instead?
1. case 1
expected : <span style="font-fmaily: 'lucida console';">hello</span>
instead : <span style="">hello</span>
2. case 2
expected : <span style="font-fmaily: 'lucida console';">hello</span>
instead : <span style="font-family: "lucida console";">hello</span>
What version of the product are you using? On what operating system?
product : antisamy 1.4.4
os :Windows 7 x64 Enterprise
Please provide any additional information below.
inline style property that contain space must be single quoted. double quoted
property causes invalid tag.
org.owasp.validator.css.CssValidator.lexicalValueToString should be recognize
inline style or non inline style like below.
case LexicalUnit.SAC_IDENT:
// just a string/identifier
String stringValue = lu.getStringValue();
if (stringValue.indexOf(" ") != -1) {
//inline style property value that contain space must be single qouted
if (isInline) {
stringValue = "'" + stringValue + "'";
} else { //non inline css property value that contain space must be double qouted
stringValue = "\"" + stringValue + "\"";
}
}
return stringValue;
Original issue reported on code.google.com by lemonf...@gmail.com on 13 Mar 2013 at 6:31
Original issue reported on code.google.com by
lemonf...@gmail.comon 13 Mar 2013 at 6:31