From 38a59ef5b8f37264a5e191128d276770ec32c544 Mon Sep 17 00:00:00 2001
From: "Edward Z. Yang" <edwardzyang@thewritingpot.com>
Date: Sun, 6 Jan 2008 05:36:48 +0000
Subject: [PATCH] Completely remove style if naughty selector is found. This is
 for compatibility reasons until Tidy 1.4 is released.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1480 48356398-32a2-884e-a903-53898d9a118a
---
 library/HTMLPurifier/Filter/ExtractStyleBlocks.php   | 10 ++--------
 tests/HTMLPurifier/Filter/ExtractStyleBlocksTest.php | 10 ++--------
 2 files changed, 4 insertions(+), 16 deletions(-)

diff --git a/library/HTMLPurifier/Filter/ExtractStyleBlocks.php b/library/HTMLPurifier/Filter/ExtractStyleBlocks.php
index 0c61a850..0c8b9e60 100644
--- a/library/HTMLPurifier/Filter/ExtractStyleBlocks.php
+++ b/library/HTMLPurifier/Filter/ExtractStyleBlocks.php
@@ -124,12 +124,7 @@ class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter
                 $selector = trim($selector);
                 if ($selector === '') continue; // should not happen
                 if ($selector[0] === '+') {
-                    while ($selector !== '' && $selector[0] === '+') {
-                        // we need to perform this multiple times
-                        // to prevent +++ from getting through
-                        $selector = trim(substr($selector, 1));
-                    }
-                    if ($selector === '') continue;
+                    if ($selector !== '' && $selector[0] === '+') continue;
                 }
                 if (!empty($scopes)) {
                     $new_selector = array(); // because multiple ones are possible
@@ -160,8 +155,7 @@ class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter
         $this->_tidy->import = array();
         $this->_tidy->charset = null;
         $this->_tidy->namespace = null;
-        $printer = new csstidy_print($this->_tidy);
-        $css = $printer->plain();
+        $css = $this->_tidy->print->plain();
         // we are going to escape any special characters <>& to ensure
         // that no funny business occurs (i.e. </style> in a font-family prop).
         if ($config->get('Filter', 'ExtractStyleBlocksEscaping')) {
diff --git a/tests/HTMLPurifier/Filter/ExtractStyleBlocksTest.php b/tests/HTMLPurifier/Filter/ExtractStyleBlocksTest.php
index 51e789d5..2dd99be8 100644
--- a/tests/HTMLPurifier/Filter/ExtractStyleBlocksTest.php
+++ b/tests/HTMLPurifier/Filter/ExtractStyleBlocksTest.php
@@ -129,18 +129,12 @@ class HTMLPurifier_Filter_ExtractStyleBlocksTest extends HTMLPurifier_Harness
     
     function test_cleanCSS_scopeWithNaughtySelector() {
         $this->config->set('Filter', 'ExtractStyleBlocksScope', '#foo');
-        $this->assertCleanCSS(
-            "  + p {\ntext-indent:1em;\n}",
-            "#foo p {\ntext-indent:1em;\n}"
-        );
+        $this->assertCleanCSS("  + p {\ntext-indent:1em;\n}", '');
     }
     
     function test_cleanCSS_scopeWithMultipleNaughtySelectors() {
         $this->config->set('Filter', 'ExtractStyleBlocksScope', '#foo');
-        $this->assertCleanCSS(
-            "  ++ ++ p {\ntext-indent:1em;\n}",
-            "#foo p {\ntext-indent:1em;\n}"
-        );
+        $this->assertCleanCSS("  ++ ++ p {\ntext-indent:1em;\n}", '');
     }
     
     function test_cleanCSS_scopeWithCommas() {