diff --git a/CHANGELOG.md b/CHANGELOG.md index 8081fa16..4512ab90 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ * Expand set of allowed protocols to include `tel:` and `line:`. [#104, #147] * Expand set of allowed CSS functions. [related to #122] * Allow greater precision in shorthand CSS values. [#149] (Thanks, @danfstucky!) +* Allow CSS property `list-style` ### Bug fixes diff --git a/lib/loofah/html5/whitelist.rb b/lib/loofah/html5/whitelist.rb index 385cbf70..467c1d6d 100644 --- a/lib/loofah/html5/whitelist.rb +++ b/lib/loofah/html5/whitelist.rb @@ -574,6 +574,7 @@ module WhiteList "height", "letter-spacing", "line-height", + "list-style", "list-style-type", "overflow", "pause", diff --git a/test/html5/test_sanitizer.rb b/test/html5/test_sanitizer.rb index 49c3974c..b139bcff 100755 --- a/test/html5/test_sanitizer.rb +++ b/test/html5/test_sanitizer.rb @@ -263,6 +263,12 @@ def test_figure_element_is_valid end end + def test_css_list_style + html = '' + sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :escape).to_xml) + assert_match %r/list-style/, sane.inner_html + end + def test_css_negative_value_sanitization html = "" sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :escape).to_xml)