diff --git a/NEWS b/NEWS index d28d660b..d5ab1b37 100644 --- a/NEWS +++ b/NEWS @@ -15,6 +15,8 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier does not do the "right thing" with characters not supported in the output set. - Spellcheck UTF-8: The Secret To Character Encoding +- Fix improper removal of the contents of elements with only whitespace. Thanks + Eric Wald for reporting. . Add verbose mode to command line test runner, use (--verbose) . Turn on unit tests for UnitConverter . Fix missing version number in configuration %Attr.DefaultImageAlt (added 3.2.0) diff --git a/TODO b/TODO index 1e00bdd6..34754bf5 100644 --- a/TODO +++ b/TODO @@ -15,7 +15,6 @@ afraid to cast your vote for the next feature to be implemented! prevent structures from being parsed and serialized multiple times. - Built-in support for target="_blank" on all external links - Allow -- Implement overflow CSS property (as per jlp09550) - Convert configuration to allow an arbitrary number of namespaces; then rename as appropriate. diff --git a/library/HTMLPurifier/ChildDef/Optional.php b/library/HTMLPurifier/ChildDef/Optional.php index dcf39cdc..443c9d06 100644 --- a/library/HTMLPurifier/ChildDef/Optional.php +++ b/library/HTMLPurifier/ChildDef/Optional.php @@ -13,8 +13,10 @@ class HTMLPurifier_ChildDef_Optional extends HTMLPurifier_ChildDef_Required public $type = 'optional'; public function validateChildren($tokens_of_children, $config, $context) { $result = parent::validateChildren($tokens_of_children, $config, $context); + // we assume that $tokens_of_children is not modified if ($result === false) { if (empty($tokens_of_children)) return true; + elseif ($this->whitespace) return $tokens_of_children; else return array(); } return $result; diff --git a/library/HTMLPurifier/ChildDef/Required.php b/library/HTMLPurifier/ChildDef/Required.php index 2009fc88..9e0afe33 100644 --- a/library/HTMLPurifier/ChildDef/Required.php +++ b/library/HTMLPurifier/ChildDef/Required.php @@ -10,6 +10,10 @@ class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef * @public */ public $elements = array(); + /** + * Whether or not the last passed node was all whitespace. + */ + protected $whitespace = false; /** * @param $elements List of allowed element names (lowercase). */ @@ -31,6 +35,9 @@ class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef public $allow_empty = false; public $type = 'required'; public function validateChildren($tokens_of_children, $config, $context) { + // Flag for subclasses + $this->whitespace = false; + // if there are no tokens, delete parent node if (empty($tokens_of_children)) return false; @@ -98,7 +105,10 @@ class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef } } if (empty($result)) return false; - if ($all_whitespace) return false; + if ($all_whitespace) { + $this->whitespace = true; + return false; + } if ($tokens_of_children == $result) return true; return $result; } diff --git a/tests/HTMLPurifier/ChildDef/OptionalTest.php b/tests/HTMLPurifier/ChildDef/OptionalTest.php index ecbc5927..8ae076c5 100644 --- a/tests/HTMLPurifier/ChildDef/OptionalTest.php +++ b/tests/HTMLPurifier/ChildDef/OptionalTest.php @@ -20,5 +20,12 @@ class HTMLPurifier_ChildDef_OptionalTest extends HTMLPurifier_ChildDefHarness $this->assertResult(''); } + function testWhitespace() { + $this->assertResult(' '); + } + + function testMultipleWhitespace() { + $this->assertResult(' '); + } + } - diff --git a/tests/HTMLPurifier/HTMLT/whitespace-preserve.htmlt b/tests/HTMLPurifier/HTMLT/whitespace-preserve.htmlt new file mode 100644 index 00000000..0e43f586 --- /dev/null +++ b/tests/HTMLPurifier/HTMLT/whitespace-preserve.htmlt @@ -0,0 +1,3 @@ +--HTML-- +Foo bar +