Allows start, end, justify-all and match-parent as text-align values.

After this change, all values currently listed on MDN for text-align are allowed: https://developer.mozilla.org/en-US/docs/Web/CSS/text-align#values

Author: martin-jackson

owasp-java-html-sanitizer/src/main/java/org/owasp/html/CssSchema.java

@@ -452,7 +452,7 @@ Property forKey(String propertyName) {
     Set<String> tableLayoutLiterals0 = j8().setOf(
         "auto", "fixed", "inherit");
     Set<String> textAlignLiterals0 = j8().setOf(
-        "center", "inherit", "justify");
+        "center", "end", "inherit", "justify", "justify-all", "match-parent", "start");
     Set<String> textDecorationLiterals0 = j8().setOf(
         "blink", "line-through", "overline", "underline");
     Set<String> textTransformLiterals0 = j8().setOf(

owasp-java-html-sanitizer/src/test/java/org/owasp/html/HtmlPolicyBuilderTest.java

@@ -1294,6 +1294,23 @@ public final void testHtmlPolicyBuilderDefinitionWithNoAttributesDefinedGlobally
     new HtmlPolicyBuilder().allowElements().allowAttributes().globally().toFactory();
   }
 
+  @Test
+  public final void testCSSTextAlign() {
+    HtmlPolicyBuilder builder = new HtmlPolicyBuilder();
+    PolicyFactory factory = builder.allowElements("span")
+        .allowAttributes("style").onElements("span").allowStyling()
+        .toFactory();
+
+    String toSanitizeTextAlignStart = "<span style=\"text-align:start\">start</span>";
+    assertEquals(toSanitizeTextAlignStart, factory.sanitize(toSanitizeTextAlignStart));
+
+    String toSanitizeTextAlignEnd = "<span style=\"text-align:end\">end</span>";
+    assertEquals(toSanitizeTextAlignEnd, factory.sanitize(toSanitizeTextAlignEnd));
+
+    String toSanitizeTextAlignFoo = "<span style=\"text-align:foo\">foo</span>";
+    assertEquals("foo", factory.sanitize(toSanitizeTextAlignFoo));
+  }
+
   @Test
   public final void testCSSFontSize() {
     HtmlPolicyBuilder builder = new HtmlPolicyBuilder();