style attribute stripped from svg tag

[danielgratzl]

The following does not work, it does not keep the style attribute on the SVG tag

new HtmlSanitizer(
            new []{ "svg"}, 
            null, 
            new [] { "href", "target", "src", "height", "width", 
                "version", "xmlns", "xmlns:xlink", "viewBox", "style" }, 
            null, 
            new [] { "max-width" });

<svg version=""1.1"" xmlns=""http://www.w3.org/2000/svg"" 
     xmlns:xlink=""http://www.w3.org/1999/xlink"" 
     viewBox=""0 0 552 676"" 
     style=""max-width: 552;"">
...
</svg>

[mganss]

Does #287 help?

[reesoo]

Maybe "max-width" is removed because the unit after "552" is missing?

I noticed that the following style="margin-bottom:0;margin-right:0;margin-left:40;float:right;" is sanitized to style="margin-bottom: 0; margin-right: 0; float: right" without triggering a RemovingStyle event. If I add units to the margin values "margin-left" is not removed. E.g. style="margin-bottom:0px;margin-right:0px;margin-left:40px;float:right;" is then sanitized to style="margin-bottom: 0; margin-right: 0; margin-left: 40px; float: right".

This behaviour changed in the last few years (I did not update HtmlSanitizer and AngleSharp for a longer period). Is there a possibility to get back the old behaviour?

[mganss]

It seems that leaving out the unit after nonzero values is invalid syntax. On MDN it says:

The length unit is optional after the number 0.

CSS parsing is performed through AngleSharp so it is most likely impossible to get back the old behavior. You can check the AngleSharp docs if there is an option to change the parsing behavior. If there is, you can create a customized parser object through HtmlSanitizer's HtmlParserFactory property.

[danielgratzl]

Thanks you for the feedback. Specifying the unit does indeed solve the issue for us.