mirrors/htmlpurifier
0
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-09-19 18:55:19 +00:00
Code Releases Activity
36e06603a8
htmlpurifier/tests/HTMLPurifier/HTMLT/tidy-background.htmlt
Edward Z. Yang d3abcb90e3 Rewrite CSS url() and font-family output logic. 
The new logic is as follows:

* Given a URL to insert into url(), check that it is properly URL
  encoded (in particular, a doublequote and backslash never occurs
  within it) and then place it as url("http://example.com").

* Given a font name, if it is strictly alphanumeric, it is safe to omit
  quotes. Otherwise, wrap in double quotes and replace '"' with '\22 '
  (note trailing space) and '\' with '\5C ' (ditto).

We introduce expandCSSEscape() which is a hack for common parsing
idioms in CSS; this means that CSS escapes are now recognized inside
URLs as well as unquoted font names.

Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-05-31 18:45:21 -07:00

6 lines
193 B
Plaintext
Raw Blame History

--HTML--
<table background="logo.png"><tr><td>asdf</td></tr></table>
--EXPECT--
<table style="background-image:url(&quot;logo.png&quot;);"><tr><td>asdf</td></tr></table>
--# vim: et sw=4 sts=4
View Git Blame Copy Permalink