@@ -3,8 +3,9 @@ module CssSanitize def custom_css=(text) # Mostly stolen from http://code.sixapart.com/svn/CSS-Cleaner/trunk/lib/CSS/Cleaner.pm - text = "Error: invalid/disallowed characters in CSS" if text =~ /\w\/\/*/ # a comment immediately following a letter - text = "Error: invalid/disallowed characters in CSS" if text =~ /\/\*\// # /*/ --> hack attempt, IMO + text = "Error: invalid/disallowed characters in CSS" if text =~ /(\w\/\/)/ # a// comment immediately following a letter + text = "Error: invalid/disallowed characters in CSS" if text =~ /(\w\/\/*\*)/ # a/* comment immediately following a letter + text = "Error: invalid/disallowed characters in CSS" if text =~ /(\/\*\/)/ # /*/ --> hack attempt, IMO # Now, strip out any comments, and do some parsing. no_comments = text.gsub(/(\/\*.*?\*\/)/, "") # filter out any /* ... */ lib/css_sanitize.rb @@ -63,9 +63,13 @@ STR @site.custom_css = string @site.custom_css.should == "Error: invalid/disallowed characters in CSS" end - + end + + + it "allows good css" do good_strings = [ ".test { color: red; border: 1px solid brown; }", + "h1 { background: url(http://foobar.com/meh.jpg)}", "div.foo { width: 500px; height: 200px; }", "GI b gkljfl kj { { { ********" # gibberish, but should work. ] @@ -108,9 +112,4 @@ STR @site.custom_css.should == "Error: invalid/disallowed characters in CSS" end - it "allows good css" do - @site.custom_css = "a:link { color: red }" - @site.custom_css.should == "a:link { color: red }" - end - end \ No newline at end of file test/css_sanitize_test.rb d2be0fecf753bcff9ccb7bf96c4172a23d526e26 c3 courtenay@entp.com http://github.com/courtenay/css_file_sanitize/commit/f889f4fa7b6e5a18474685c22dcad631561032d6 f889f4fa7b6e5a18474685c22dcad631561032d6 2008-11-21T12:58:49-08:00 2008-11-21T12:58:49-08:00 Fix up issues related to http://foo.com/a/blah.jpg 3cc56a002139ab2e8ceafe0875d94a94e113cfb2 c3 courtenay@entp.com