All values, including empty, are valid HTML bools.

Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>

NEWS

@@ -22,6 +22,8 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
 - Update YouTube filter for new code.
 - Fix parsing of rgb() values with spaces in them for 'border'
   attribute.
+- Don't remove foo="" attributes if foo is a boolean attribute.  Thanks
+  valME for reporting.
 
 4.6.0, released 2013-11-30
 # Secure URI munge hashing algorithm has changed to hash_hmac("sha256", $url, $secret).

library/HTMLPurifier/AttrDef/HTML/Bool.php

@@ -32,9 +32,6 @@ class HTMLPurifier_AttrDef_HTML_Bool extends HTMLPurifier_AttrDef
      */
     public function validate($string, $config, $context)
     {
-        if (empty($string)) {
-            return false;
-        }
         return $this->name;
     }
 

tests/HTMLPurifier/AttrDef/HTML/BoolTest.php

@@ -7,7 +7,7 @@ class HTMLPurifier_AttrDef_HTML_BoolTest extends HTMLPurifier_AttrDefHarness
     {
         $this->def = new HTMLPurifier_AttrDef_HTML_Bool('foo');
         $this->assertDef('foo');
-        $this->assertDef('', false);
+        $this->assertDef('', 'foo');
         $this->assertDef('bar', 'foo');
     }