Fix #48

mganss · Oct 30, 2015 · 41de103 · 41de103
1 parent 486be15
commit 41de103
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 4 deletions.
diff --git a/HtmlSanitizer.Tests/Tests.cs b/HtmlSanitizer.Tests/Tests.cs
@@ -2280,6 +2280,21 @@ public void QuotedBackgroundImageTest()
             var expected = "<div style=\"background-image: url('some/random/url.img')\"></div>";
             Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
         }
+
+        [Test]
+        public void QuotedBackgroundImageFromIE9()
+        {
+            // Arrange
+            var s = new HtmlSanitizer();
+
+            // Act
+            var htmlFragment = "<span style='background-image: url(\"/api/users/defaultAvatar\");'></span>";
+            var actual = s.Sanitize(htmlFragment);
+
+            // Assert
+            var expected = "<span style='background-image: url(\"/api/users/defaultAvatar\")'></span>";
+            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
+        }
     }
 }
 

diff --git a/HtmlSanitizer/HtmlSanitizer.cs b/HtmlSanitizer/HtmlSanitizer.cs
@@ -418,7 +418,7 @@ private bool IsAllowedAttribute(KeyValuePair<string, string> attribute)
         private static readonly Regex CssComments = new Regex(@"/\*.*?\*/", RegexOptions.Compiled);
         // IE6 <http://heideri.ch/jso/#80>
         private static readonly Regex CssExpression = new Regex(@"[eE\uFF25\uFF45][xX\uFF38\uFF58][pP\uFF30\uFF50][rR\u0280\uFF32\uFF52][eE\uFF25\uFF45][sS\uFF33\uFF53]{2}[iI\u026A\uFF29\uFF49][oO\uFF2F\uFF4F][nN\u0274\uFF2E\uFF4E]", RegexOptions.Compiled);
-        private static readonly Regex CssUrl = new Regex(@"[Uu][Rr\u0280][Ll\u029F]\s*\(([^)]+)", RegexOptions.Compiled);
+        private static readonly Regex CssUrl = new Regex(@"[Uu][Rr\u0280][Ll\u029F]\s*\(\s*(['""]?)\s*([^'"")\s]+)\s*(['""]?)\s*", RegexOptions.Compiled);
 
         /// <summary>
         /// Sanitizes the style.
@@ -445,11 +445,11 @@ protected void SanitizeStyle(CSSStyleDeclaration styles, string baseUrl)
 
                     if (urls.Count > 0)
                     {
-                        if (urls.Cast<Match>().Any(m => GetSafeUri(m.Groups[1].Value) == null || SanitizeUrl(m.Groups[1].Value, baseUrl) == null))
-                            removeStyles.Add(style);
+                        if (urls.Cast<Match>().Any(m => GetSafeUri(m.Groups[2].Value) == null || SanitizeUrl(m.Groups[2].Value, baseUrl) == null))
+                                removeStyles.Add(style);
                         else
                         {
-                            var s = CssUrl.Replace(val, m => "url(" + SanitizeUrl(m.Groups[1].Value, baseUrl));
+                            var s = CssUrl.Replace(val, m => "url(" + m.Groups[1].Value + SanitizeUrl(m.Groups[2].Value, baseUrl) + m.Groups[3].Value);
                             if (s != val)
                             {
                                 if (key != style.Key) removeStyles.Add(style);