Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Generated HTML5 inadequately protects h2 in header #150

Closed
asylumcs opened this issue Jan 6, 2023 · 8 comments
Closed

Generated HTML5 inadequately protects h2 in header #150

asylumcs opened this issue Jan 6, 2023 · 8 comments

Comments

@asylumcs
Copy link
Contributor

asylumcs commented Jan 6, 2023

Reference two files on the landing page for etext 69058, the as submitted HTML and the generated HTML5.
The generated HTML5 replaces the as-submitted tag with an <h2> but it inadequately protects the <h2> tag from the post-processor's CSS. An inline "style=" is used to partially protect from user's CSS but it is incomplete. It lacks assuring the default values (see this page for h2's defaults). Even that would be inadequate for this etext, since the post-processor has styled the h2 with a letter-spacing attribute, which is not in the W3C list.
To close this issue, it seems that the h2 generated by the HTML5 conversion code must be hardened against user styling all h2's in CSS.
@eshellman
Copy link
Collaborator

The letter-spacing CSS attribute is allowed by PG. We could add every possible attribute to every styled element in the generated text, or we could ask the PP not to do that.

As it's likely that the generated text will be redesigned in Ebookmaker v0.13 (see discussion here: #139 ) We won't address this in v0.12.

@asylumcs
Copy link
Contributor Author

asylumcs commented Jan 9, 2023

Perhaps consider adding "all: initial" to tags used in the header and footer to assure that user's CSS does not get applied to header/footer elements.

@eshellman
Copy link
Collaborator

strange. the HTML5 validator doesn't like it: error: CSS: “all”: Property “all” doesn't exist.

@nfenwick
Copy link

Yes that's a surprise. I don't know what validator you are using to get it to fail. Its usage is described here in the CSS Cascading and Inheritance Level 3 documentation, which has REC status. It validates just fine with this validator, which is the only one I use for HTML5.

@nfenwick
Copy link

Whoops. Now that it's posted, I see I was logged in as Nell, not myself. --Roger

@eshellman
Copy link
Collaborator

can confirm it validates with the current nu validator. (23.1.8) I was hoping this would be easy, but maybe I need to fix my nu validator and maybe update others.

@eshellman
Copy link
Collaborator

production has 20.6.30 I have 20.6.30 online ebookmaker has 23.1.11

@eshellman
Copy link
Collaborator

As part of the header refactor, all: initial has been added to a number of styles in the header stylesheet - see ebookmaker.writers.HTMLTemplates I found that it was too big a hammer to use on everything, so it's still possible for the user's stylesheet to modify the header styling, but the use of #pg-header in the selector should minimize inadvertent style leakage.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@eshellman @asylumcs @nfenwick