From cccf13c5f0f33b8e3d27f7258a36ea7295c4fe69 Mon Sep 17 00:00:00 2001 From: Komal Dembla Date: Fri, 22 Jul 2016 08:25:00 +0530 Subject: [PATCH 1/3] Allows uppercase color codes in style --- AUTHORS.rst | 1 + CHANGES.rst | 9 +++++++++ LICENSE | 2 +- html5lib/filters/sanitizer.py | 2 +- html5lib/tests/test_sanitizer.py | 8 ++++++++ 5 files changed, 20 insertions(+), 2 deletions(-) diff --git a/AUTHORS.rst b/AUTHORS.rst index c3820ef7..3097c725 100644 --- a/AUTHORS.rst +++ b/AUTHORS.rst @@ -42,3 +42,4 @@ Patches and suggestions - Michael[tm] Smith - Marc Abramowitz - Jon Dufresne +- Komal Dembla diff --git a/CHANGES.rst b/CHANGES.rst index 570c9605..93a5d221 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -1,6 +1,15 @@ Change Log ---------- +0.999999999/1.0b11 +~~~~~~~~~~~~~~~~~~ + +Released on XXX + +* Adds uppercase check (A-F) in the css regex to allow sanitizer to pass css + of the format: border: 1px solid #A2A2A2. + + 0.999999999/1.0b10 ~~~~~~~~~~~~~~~~~~ diff --git a/LICENSE b/LICENSE index c87fa7a0..ff6ba202 100644 --- a/LICENSE +++ b/LICENSE @@ -1,4 +1,4 @@ -Copyright (c) 2006-2013 James Graham and other contributors +Copyright (c) 2006-2013 James Graham, Google Inc. and other contributors Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff --git a/html5lib/filters/sanitizer.py b/html5lib/filters/sanitizer.py index b5ddcb93..9e3c1441 100644 --- a/html5lib/filters/sanitizer.py +++ b/html5lib/filters/sanitizer.py @@ -855,7 +855,7 @@ def sanitize_css(self, style): 'padding']: for keyword in value.split(): if keyword not in self.allowed_css_keywords and \ - not re.match("^(#[0-9a-f]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|\d{0,2}\.?\d{0,2}(cm|em|ex|in|mm|pc|pt|px|%|,|\))?)$", keyword): # noqa + not re.match("^(#[0-9a-fA-F]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|\d{0,2}\.?\d{0,2}(cm|em|ex|in|mm|pc|pt|px|%|,|\))?)$", keyword): # noqa break else: clean.append(prop + ': ' + value + ';') 
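Review bot: The widened class `#[0-9a-fA-F]+` in the `re.match` call of `sanitize_css` still accepts a hex run of any length, so tokens such as `#ABCDE` that are not valid colors pass the allowlist. Together with `allowed_css_keywords`, this pattern decides which values survive for the properties listed above the hunk, so consider bounding it, e.g. `#[0-9a-fA-F]{3,8}`, provided no caller relies on the looser form. The pattern is also a plain string containing `\(` and `\d`, which newer Python versions flag as invalid escape sequences; a raw string, `r"^(#[0-9a-fA-F]+|...)$"`, keeps the same regex. The new test in `test_sanitizer.py` covers only the accept path, so a companion case asserting that a non-hex token like `#GGGGGG` is still dropped would pin the boundary of the change. The `for`/`else` loop and the rest of `sanitize_css` begin and end outside this hunk.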
diff --git a/html5lib/tests/test_sanitizer.py b/html5lib/tests/test_sanitizer.py index e19deea8..413c7c01 100644 --- a/html5lib/tests/test_sanitizer.py +++ b/html5lib/tests/test_sanitizer.py @@ -113,3 +113,11 @@ def test_sanitizer(): yield (runSanitizerTest, "test_should_allow_uppercase_%s_uris" % protocol, "foo" % (protocol, rest_of_uri), """foo""" % (protocol, rest_of_uri)) + + +def test_should_handle_uppercase_color_codes_in_style(): + sanitized = sanitize_html("

") + print sanitized + expected = '

' + print expected + assert expected == sanitized From d43fa3b8a53f08fc75e12fe1276de1739abe017c Mon Sep 17 00:00:00 2001 From: komaldembla Date: Fri, 22 Jul 2016 13:14:14 +0530 Subject: [PATCH 2/3] Removes logging statements --- html5lib/tests/test_sanitizer.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/html5lib/tests/test_sanitizer.py b/html5lib/tests/test_sanitizer.py index 413c7c01..ff86cf6c 100644 --- a/html5lib/tests/test_sanitizer.py +++ b/html5lib/tests/test_sanitizer.py @@ -117,7 +117,5 @@ def test_sanitizer(): def test_should_handle_uppercase_color_codes_in_style(): sanitized = sanitize_html("

") - print sanitized expected = '

' - print expected assert expected == sanitized From 03dd1fd6065a2e1b373c7028ce6becdf6355f2f7 Mon Sep 17 00:00:00 2001 From: komaldembla Date: Tue, 8 Nov 2016 11:43:36 +0530 Subject: [PATCH 3/3] Remove Google Inc. from LICENSE --- LICENSE | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/LICENSE b/LICENSE index ff6ba202..c87fa7a0 100644 --- a/LICENSE +++ b/LICENSE @@ -1,4 +1,4 @@ -Copyright (c) 2006-2013 James Graham, Google Inc. and other contributors +Copyright (c) 2006-2013 James Graham and other contributors Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the