Browse Source

restrict matching mf2 classes to only lowercase names

see http://microformats.org/wiki/microformats2-parsing-issues#ignore_u-camelCase_properties for background
pull/39/head
Aaron Parecki 8 years ago
parent
commit
e3ff109b37
3 changed files with 4 additions and 1 deletions
  1. +1
    -1
      lib/Formats/HTMLPurifier_AttrDef_HTML_Microformats2.php
  2. +1
    -0
      tests/SanitizeTest.php
  3. +2
    -0
      tests/data/sanitize.example/entry-with-mf2-classes

+ 1
- 1
lib/Formats/HTMLPurifier_AttrDef_HTML_Microformats2.php View File

@ -32,7 +32,7 @@ class HTMLPurifier_AttrDef_HTML_Microformats2 extends HTMLPurifier_AttrDef_HTML_
{ {
$ret = array(); $ret = array();
foreach ($tokens as $token) { foreach ($tokens as $token) {
if(preg_match('/^([hpue]|dt)-.+/', $token)) {
if(preg_match('/^([hpue]|dt)-[a-z\-]+$/', $token)) {
$ret[] = $token; $ret[] = $token;
} }
} }

+ 1
- 0
tests/SanitizeTest.php View File

@ -79,6 +79,7 @@ class SanitizeTest extends PHPUnit_Framework_TestCase {
$this->assertEquals('entry', $data['data']['type']); $this->assertEquals('entry', $data['data']['type']);
$this->assertContains('<h2 class="p-name">Hello World</h2>', $html); $this->assertContains('<h2 class="p-name">Hello World</h2>', $html);
$this->assertContains('<h3>Utility Class</h3>', $html);
} }
} }

+ 2
- 0
tests/data/sanitize.example/entry-with-mf2-classes View File

@ -12,6 +12,8 @@ Connection: keep-alive
<div class="e-content"> <div class="e-content">
<h2 class="p-name header">Hello World</h2> <h2 class="p-name header">Hello World</h2>
This content has a valid tags that contains microformats classes. This content has a valid tags that contains microformats classes.
<h3 class="u-utilityClass">Utility Class</h3>
The u-utilityClass should not be returned according to http://microformats.org/wiki/microformats2-parsing-issues#ignore_u-camelCase_properties
</div> </div>
</body> </body>
</html> </html>

Loading…
Cancel
Save