diff --git a/docs/progress.html b/docs/progress.html
index 89f1f83d..d4a825ae 100644
--- a/docs/progress.html
+++ b/docs/progress.html
@@ -137,31 +137,31 @@ thead th {text-align:left;padding:0.1em;background-color:#EEE;}
| background | Depends on background-* |
| border | COMPOSITE |
| border-color | - |
-| border-style | ENUM(none, hidden, dotted, dashed,
+ |
| border-style | ENUM(none, hidden, dotted, dashed,
solid, double, groove, ridge, inset, outset) |
| border-width | - |
| border-* | COMPOSITE |
| border-*-color | - |
| border-*-style | - |
| border-*-width | - |
-| clear | ENUM(none, left, right, both) |
+| clear | ENUM(none, left, right, both) |
| color | - |
-| float | ENUM(left, right, none), May require layout
+ |
| float | ENUM(left, right, none), May require layout
precautions with clear |
| font | COMPOSITE |
| font-family | CSS validator may complain if fallback font
family not specified |
| font-size | - |
-| font-style | ENUM(normal, italic, oblique) |
-| font-variant | ENUM(normal, small-caps) |
-| font-weight | ENUM(normal, bold, bolder, lighter,
+ |
| font-style | ENUM(normal, italic, oblique) |
+| font-variant | ENUM(normal, small-caps) |
+| font-weight | ENUM(normal, bold, bolder, lighter,
100, 200, 300, 400, 500, 600, 700, 800, 900), maybe special code for
in-between integers |
| letter-spacing | - |
| line-height | - |
-| list-style-position | ENUM(inside, outside),
+ |
| list-style-position | ENUM(inside, outside),
Strange behavior in browsers |
-| list-style-type | ENUM(...),
+ |
| list-style-type | ENUM(...),
Well-supported values are: disc, circle, square,
decimal, lower-roman, upper-roman, lower-alpha and upper-alpha. See also
CSS 3. Mostly IE lack of support. |
@@ -176,7 +176,7 @@ thead th {text-align:left;padding:0.1em;background-color:#EEE;}
enum, can be combined (composite sorta): underline, overline,
line-through
| text-indent | - |
-| text-transform | ENUM(capitalize, uppercase,
+ |
| text-transform | ENUM(capitalize, uppercase,
lowercase, none) |
| width | Interesting |
| word-spacing | IE 5 no support |
diff --git a/library/HTMLPurifier/AttrDef/CSS.php b/library/HTMLPurifier/AttrDef/CSS.php
index 2ac18993..00fd3fd5 100644
--- a/library/HTMLPurifier/AttrDef/CSS.php
+++ b/library/HTMLPurifier/AttrDef/CSS.php
@@ -21,11 +21,21 @@ class HTMLPurifier_AttrDef_CSS
if (!strpos($declaration, ':')) continue;
list($property, $value) = explode(':', $declaration, 2);
if (!isset($definition->info[$property])) continue;
- $result = $definition->info[$property]->validate($value,$config,$context);
+ // inefficient call, since the validator will do this again
+ // inherit works for everything
+ if (strtolower(trim($value)) !== 'inherit') {
+ $result = $definition->info[$property]->validate(
+ $value, $config, $context );
+ } else {
+ $result = 'inherit';
+ }
if ($result === false) continue;
$propvalues[$property] = $result;
}
+ // slightly inefficient, but it's the only way of getting rid of
+ // duplicates. Perhaps config to optimize it, but not now.
+
$new_declarations = '';
foreach ($propvalues as $prop => $value) {
$new_declarations .= "$prop:$value;";
diff --git a/library/HTMLPurifier/CSSDefinition.php b/library/HTMLPurifier/CSSDefinition.php
index e47b8de3..769d4212 100644
--- a/library/HTMLPurifier/CSSDefinition.php
+++ b/library/HTMLPurifier/CSSDefinition.php
@@ -22,6 +22,30 @@ class HTMLPurifier_CSSDefinition
$this->info['text-align'] = new HTMLPurifier_AttrDef_Enum(
array('left', 'right', 'center', 'justify'), false);
+ $this->info['border-style'] = new HTMLPurifier_AttrDef_Enum(
+ array('none', 'hidden', 'dotted', 'dashed', 'solid', 'double',
+ 'groove', 'ridge', 'inset', 'outset'), false);
+ $this->info['clear'] = new HTMLPurifier_AttrDef_Enum(
+ array('none', 'left', 'right', 'both'), false);
+ $this->info['float'] = new HTMLPurifier_AttrDef_Enum(
+ array('none', 'left', 'right'), false);
+ $this->info['font-style'] = new HTMLPurifier_AttrDef_Enum(
+ array('normal', 'italic', 'oblique'), false);
+ $this->info['font-variant'] = new HTMLPurifier_AttrDef_Enum(
+ array('normal', 'small-caps'), false);
+ $this->info['list-style-position'] = new HTMLPurifier_AttrDef_Enum(
+ array('inside', 'outside'), false);
+ $this->info['list-style-type'] = new HTMLPurifier_AttrDef_Enum(
+ array('disc', 'circle', 'square', 'decimal', 'lower-roman',
+ 'upper-roman', 'lower-alpha', 'upper-alpha'), false);
+ $this->info['text-transform'] = new HTMLPurifier_AttrDef_Enum(
+ array('capitalize', 'uppercase', 'lowercase', 'none'), false);
+
+ // this could use specialized code
+ $this->info['font-weight'] = new HTMLPurifier_AttrDef_Enum(
+ array('normal', 'bold', 'bolder', 'lighter', '100', '200', '300',
+ '400', '500', '600', '700', '800', '900'), false);
+
}
diff --git a/tests/HTMLPurifier/AttrDef/CSSTest.php b/tests/HTMLPurifier/AttrDef/CSSTest.php
index ae1694d9..8fdcd04c 100644
--- a/tests/HTMLPurifier/AttrDef/CSSTest.php
+++ b/tests/HTMLPurifier/AttrDef/CSSTest.php
@@ -9,9 +9,36 @@ class HTMLPurifier_AttrDef_CSSTest extends HTMLPurifier_AttrDefHarness
$this->def = new HTMLPurifier_AttrDef_CSS();
+ // regular cases, singular
$this->assertDef('text-align:right;');
+ $this->assertDef('border-style:solid;');
+ $this->assertDef('clear:right;');
+ $this->assertDef('float:left;');
+ $this->assertDef('font-style:italic;');
+ $this->assertDef('font-variant:small-caps;');
+ $this->assertDef('font-weight:bold;');
+ $this->assertDef('list-style-position:outside;');
+ $this->assertDef('list-style-type:upper-roman;');
+ $this->assertDef('text-transform:capitalize;');
+
+ // duplicates
$this->assertDef('text-align:right;text-align:left;', 'text-align:left;');
+ // a few composites
+ $this->assertDef('font-variant:small-caps;font-weight:900;');
+ $this->assertDef('float:right;text-align:right;');
+
+ // selective removal
+ $this->assertDef('text-transform:capitalize;destroy:it;', 'text-transform:capitalize;');
+
+ // inherit works for everything
+ $this->assertDef('text-align:inherit;');
+
+ // bad props
+ $this->assertDef('nodice:foobar;', false);
+ $this->assertDef('position:absolute;', false);
+ $this->assertDef('background-image:url(javascript:alert\(\));', false);
+
}
}