mirrors/htmlpurifier
0
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-09-19 10:45:18 +00:00
Code Releases Activity

Permit underscores in font-families.

Browse Source 
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
This commit is contained in:
Edward Z. Yang 2012-07-27 18:28:29 -04:00
parent f90372f8ab
commit d8bb73ce46
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
NEWS
View File

@ -16,6 +16,7 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
but this may break some clients. but this may break some clients.
! Support display:inline-block ! Support display:inline-block
! Support for more white-space CSS values. ! Support for more white-space CSS values.
! Permit underscores in font families
- Use prepend for SPL autoloading on PHP 5.3 and later. - Use prepend for SPL autoloading on PHP 5.3 and later.
- Fix bug with nofollow transform when pre-existing rel exists. - Fix bug with nofollow transform when pre-existing rel exists.
- Fix bug where background:url() always gets lower-cased - Fix bug where background:url() always gets lower-cased

4
library/HTMLPurifier/AttrDef/CSS/FontFamily.php
View File

@ -9,7 +9,7 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
protected $mask = null; protected $mask = null;
public function __construct() { public function __construct() {
$this->mask = '- '; $this->mask = '_- ';
for ($c = 'a'; $c <= 'z'; $c++) $this->mask .= $c; for ($c = 'a'; $c <= 'z'; $c++) $this->mask .= $c;
for ($c = 'A'; $c <= 'Z'; $c++) $this->mask .= $c; for ($c = 'A'; $c <= 'Z'; $c++) $this->mask .= $c;
for ($c = '0'; $c <= '9'; $c++) $this->mask .= $c; // cast-y, but should be fine for ($c = '0'; $c <= '9'; $c++) $this->mask .= $c; // cast-y, but should be fine
@ -165,7 +165,7 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
// extensive research, we may feel comfortable with dropping // extensive research, we may feel comfortable with dropping
// it down to edgy. // it down to edgy.
// Edgy: alphanumeric, spaces, dashes and Unicode. Use of // Edgy: alphanumeric, spaces, dashes, underscores and Unicode. Use of
// str(c)spn assumes that the string was already well formed // str(c)spn assumes that the string was already well formed
// Unicode (which of course it is). // Unicode (which of course it is).
if (strspn($font, $this->mask) !== strlen($font)) { if (strspn($font, $this->mask) !== strlen($font)) {