[Rt-commit] rt branch, 3.8-trunk, updated. rt-3.8.7-64-g4df2fda

Ruslan Zakirov ruz at bestpractical.com
Wed Dec 30 13:21:32 EST 2009


The branch, 3.8-trunk has been updated
       via  4df2fdacedfffa079792e925514e8a8e1c745f5a (commit)
      from  e8c994826fec67eb6e9a130596b1261e01150be4 (commit)

Summary of changes:
 share/html/Elements/ScrubHTML |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

- Log -----------------------------------------------------------------
commit 4df2fdacedfffa079792e925514e8a8e1c745f5a
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date:   Wed Dec 30 18:20:15 2009 +0300

    don't scrub tables
    
    Leave table, tr, th and td. We ignore thead, tbody and tfoot, don't
    see any good in these. The same applies to colgroup, col elements.
    
    colspan and rowspan attributes are limitted to number.
    
    align and valign attributes are limitted to values defined in HTML 4.01
    spec.

diff --git a/share/html/Elements/ScrubHTML b/share/html/Elements/ScrubHTML
index 7744a85..d6972d8 100644
--- a/share/html/Elements/ScrubHTML
+++ b/share/html/Elements/ScrubHTML
@@ -61,11 +61,15 @@ $scrubber->default(
         target => 1,
         style  => qr{^(?:(?:color:\s*rgb\(\d+,\s*\d+,\s*\d+\))|
                          (?:text-align:\s*))}ix,
+        colspan => qr{^[0-9]+$},
+        rowspan => qr{^[0-9]+$},
+        align   => qr{^(?i:left|center|right|justify|char)$},
+        valign  => qr{^(?i:top|middle|bottom|baseline)$},
     }
 );
 $scrubber->deny(qw[*]);
 $scrubber->allow(
-    qw[A B U P BR I HR BR SMALL EM FONT SPAN STRONG SUB SUP STRIKE H1 H2 H3 H4 H5 H6 DIV UL OL LI DL DT DD PRE]
+    qw[A B U P BR I HR BR SMALL EM FONT SPAN STRONG SUB SUP STRIKE H1 H2 H3 H4 H5 H6 DIV UL OL LI DL DT DD PRE TABLE TR TD TH]
 );
 $scrubber->comment(0);
 </%ONCE>

-----------------------------------------------------------------------


More information about the Rt-commit mailing list