Fix for bug in demo hooks-sanitize-css-demo.html

[koosvanderkolk]

I tried to implement this example:
https://github.com/cure53/DOMPurify/blob/main/demos/hooks-sanitize-css-demo.html

but got my styles removed as there seems to be a small bug in the validateStyles function (see comments in below code)

function validateStyles(output, styles) {
  Object.keys(styles).forEach(prop => {  // prop is the index, not the CSS style property
    const value = styles[prop]; // value is the CSS style property
    if (value && typeof value === 'string') {
      const normalizedProp = prop.replace(/([A-Z])/g, '-$1').toLowerCase();
      if (allowed_properties.includes(normalizedProp) && (allow_css_functions || !/\w+\(/.test(value))) {
        output.push(`${normalizedProp}:${value};`);
      }
    }
  });
}

Below function gave me the correct result:

function validateStyles(output, styles) {
  Object.keys(styles).forEach(function(index) {
    if (styles.hasOwnProperty(index)) {
      let normalizedKey = styles[index].replace(/([A-Z])/g, '-$1').toLowerCase();
      if (allowed_properties.includes(normalizedKey)) {
        let value = styles[normalizedKey];
        output.push(`${normalizedKey}:${value};`);
      }
    }
  });
}

[cure53]

Oh, nice, thanks - wanna spin up a PR? 🙂

[cure53]

All sorted, thanks again :)

[koosvanderkolk]

Great thanks!