Permalink
Browse files

Fix up issues related to http://foo.com/a/blah.jpg

  • Loading branch information...
1 parent d2be0fe commit f889f4fa7b6e5a18474685c22dcad631561032d6 @courtenay committed Nov 21, 2008
Showing with 8 additions and 8 deletions.
  1. +3 −2 lib/css_sanitize.rb
  2. +5 −6 test/css_sanitize_test.rb
View
@@ -3,8 +3,9 @@ module CssSanitize
def custom_css=(text)
# Mostly stolen from http://code.sixapart.com/svn/CSS-Cleaner/trunk/lib/CSS/Cleaner.pm
- text = "Error: invalid/disallowed characters in CSS" if text =~ /\w\/\/*/ # a comment immediately following a letter
- text = "Error: invalid/disallowed characters in CSS" if text =~ /\/\*\// # /*/ --> hack attempt, IMO
+ text = "Error: invalid/disallowed characters in CSS" if text =~ /(\w\/\/)/ # a// comment immediately following a letter
+ text = "Error: invalid/disallowed characters in CSS" if text =~ /(\w\/\/*\*)/ # a/* comment immediately following a letter
+ text = "Error: invalid/disallowed characters in CSS" if text =~ /(\/\*\/)/ # /*/ --> hack attempt, IMO
# Now, strip out any comments, and do some parsing.
no_comments = text.gsub(/(\/\*.*?\*\/)/, "") # filter out any /* ... */
View
@@ -63,9 +63,13 @@ class CssSanitizeTest < Test::Unit::TestCase
@site.custom_css = string
@site.custom_css.should == "Error: invalid/disallowed characters in CSS"
end
-
+ end
+
+
+ it "allows good css" do
good_strings = [
".test { color: red; border: 1px solid brown; }",
+ "h1 { background: url(http://foobar.com/meh.jpg)}",
"div.foo { width: 500px; height: 200px; }",
"GI b gkljfl kj { { { ********" # gibberish, but should work.
]
@@ -108,9 +112,4 @@ class CssSanitizeTest < Test::Unit::TestCase
@site.custom_css.should == "Error: invalid/disallowed characters in CSS"
end
- it "allows good css" do
- @site.custom_css = "a:link { color: red }"
- @site.custom_css.should == "a:link { color: red }"
- end
-
end

0 comments on commit f889f4f

Please sign in to comment.