Valid font shorthand is filtered #554
Comments
jonah1und1
added a commit
to jonah1und1/antisamy
that referenced
this issue
Feb 5, 2025
…Validator to fix font shorthand parsing
|
@spassarop - Can you look at this issue and the PR too? |
jonah1und1
added a commit
to jonah1und1/antisamy
that referenced
this issue
Feb 19, 2025
# Conflicts: # src/test/java/org/owasp/validator/html/test/AntiSamyTest.java
davewichers
pushed a commit
that referenced
this issue
Feb 19, 2025
…tor to fix font shorthand parsing (#555)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Antisamy seems to filter out a valid inline font shorthand if
font-sizeandline-heightare defined using the/syntax.Expected behaviour
Given the default policy, the following inline style should not be filtered:
Current behaviour
Scanning this inline style results in it getting removed and Antisamy stating:
Possible fix
The method :
is missing an entry for
LexicalUnit.SAC_OPERATOR_SLASH, which seems to cause this bug.I've created a PR to address this issue: #555.
Please feel free to review.
Thank you!
The text was updated successfully, but these errors were encountered: