Skip to content

Commit

Permalink
Merge pull request #162 from jaredbeck/allow_list-style
Browse files Browse the repository at this point in the history
Allow CSS property `list-style`
  • Loading branch information
flavorjones authored Apr 23, 2019
2 parents 5e014f5 + 1a82f4d commit 8220c70
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 0 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
* Expand set of allowed protocols to include `tel:` and `line:`. [#104, #147]
* Expand set of allowed CSS functions. [related to #122]
* Allow greater precision in shorthand CSS values. [#149] (Thanks, @danfstucky!)
* Allow CSS property `list-style`


### Bug fixes
Expand Down
1 change: 1 addition & 0 deletions lib/loofah/html5/whitelist.rb
Original file line number Diff line number Diff line change
Expand Up @@ -574,6 +574,7 @@ module WhiteList
"height",
"letter-spacing",
"line-height",
"list-style",
"list-style-type",
"overflow",
"pause",
Expand Down
6 changes: 6 additions & 0 deletions test/html5/test_sanitizer.rb
Original file line number Diff line number Diff line change
Expand Up @@ -263,6 +263,12 @@ def test_figure_element_is_valid
end
end

def test_css_list_style
html = '<ul style="list-style: none"></ul>'
sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :escape).to_xml)
assert_match %r/list-style/, sane.inner_html
end

def test_css_negative_value_sanitization
html = "<span style=\"letter-spacing:-0.03em;\">"
sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :escape).to_xml)
Expand Down

0 comments on commit 8220c70

Please sign in to comment.