From bec242a045118739c34496b25168f131f4b91b33 Mon Sep 17 00:00:00 2001 From: Erik Uittenbogaard Date: Mon, 24 Jun 2024 12:21:07 +0200 Subject: [PATCH 1/2] Add support for CSS aspect-ratio --- library/HTMLPurifier/AttrDef/CSS/Ratio.php | 46 ++++++++++++++++++++ library/HTMLPurifier/CSSDefinition.php | 5 +++ tests/HTMLPurifier/AttrDef/CSS/RatioTest.php | 24 ++++++++++ tests/HTMLPurifier/AttrDef/CSSTest.php | 2 + 4 files changed, 77 insertions(+) create mode 100644 library/HTMLPurifier/AttrDef/CSS/Ratio.php create mode 100644 tests/HTMLPurifier/AttrDef/CSS/RatioTest.php diff --git a/library/HTMLPurifier/AttrDef/CSS/Ratio.php b/library/HTMLPurifier/AttrDef/CSS/Ratio.php new file mode 100644 index 000000000..e08e2c496 --- /dev/null +++ b/library/HTMLPurifier/AttrDef/CSS/Ratio.php @@ -0,0 +1,46 @@ +parseCDATA($ratio); + + $parts = explode('/', $ratio, 2); + $length = count($parts); + + if ($length < 1 || $length > 2) { + return false; + } + + $num = new \HTMLPurifier_AttrDef_CSS_Number(); + + if ($length === 1) { + return $num->validate($parts[0], $config, $context); + } + + $num1 = $num->validate($parts[0], $config, $context); + $num2 = $num->validate($parts[1], $config, $context); + + if ($num1 === false || $num2 === false) { + return false; + } + + return $num1 . '/' . $num2; + } +} + +// vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/CSSDefinition.php b/library/HTMLPurifier/CSSDefinition.php index 1bc419c53..26eebf74b 100644 --- a/library/HTMLPurifier/CSSDefinition.php +++ b/library/HTMLPurifier/CSSDefinition.php @@ -304,6 +304,11 @@ protected function doSetup($config) $trusted_max_wh ); + $this->info['aspect-ratio'] = new HTMLPurifier_AttrDef_CSS_Composite([ + new HTMLPurifier_AttrDef_CSS_Ratio(), + new HTMLPurifier_AttrDef_Enum(['auto']), + ]); + // text-decoration and related shorthands $this->info['text-decoration'] = new HTMLPurifier_AttrDef_CSS_TextDecoration(); diff --git a/tests/HTMLPurifier/AttrDef/CSS/RatioTest.php b/tests/HTMLPurifier/AttrDef/CSS/RatioTest.php new file mode 100644 index 000000000..f1d27af5a --- /dev/null +++ b/tests/HTMLPurifier/AttrDef/CSS/RatioTest.php @@ -0,0 +1,24 @@ +def = new HTMLPurifier_AttrDef_CSS_Ratio(); + + $this->assertDef('1/2'); + $this->assertDef('1 / 2', '1/2'); + $this->assertDef('1'); + $this->assertDef('1/0'); + $this->assertDef('0/1'); + + $this->assertDef('1/2/3', false); + $this->assertDef('/2/3', false); + $this->assertDef('/12', false); + $this->assertDef('1/', false); + $this->assertDef('asdf', false); + } +} + +// vim: et sw=4 sts=4 diff --git a/tests/HTMLPurifier/AttrDef/CSSTest.php b/tests/HTMLPurifier/AttrDef/CSSTest.php index 2367c187f..dd864575e 100644 --- a/tests/HTMLPurifier/AttrDef/CSSTest.php +++ b/tests/HTMLPurifier/AttrDef/CSSTest.php @@ -72,6 +72,8 @@ public function test() $this->assertDef('min-width:50rem;'); $this->assertDef('min-width:50vw;'); $this->assertDef('min-width:-50vw;', false); + $this->assertDef('aspect-ratio:16/9;'); + $this->assertDef('aspect-ratio:auto;'); $this->assertDef('text-decoration:underline;'); $this->assertDef('text-decoration-line:overline;'); $this->assertDef('text-decoration-style:dashed;'); From 8d50550e337926c879364f5caea6523876e51581 Mon Sep 17 00:00:00 2001 From: Erik Uittenbogaard Date: Mon, 24 Jun 2024 13:56:52 +0200 Subject: [PATCH 2/2] Use a multiple since aspect-ratio can have auto as fallback --- library/HTMLPurifier/CSSDefinition.php | 10 ++++++---- tests/HTMLPurifier/AttrDef/CSSTest.php | 2 ++ 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/library/HTMLPurifier/CSSDefinition.php b/library/HTMLPurifier/CSSDefinition.php index 26eebf74b..09321fd25 100644 --- a/library/HTMLPurifier/CSSDefinition.php +++ b/library/HTMLPurifier/CSSDefinition.php @@ -304,10 +304,12 @@ protected function doSetup($config) $trusted_max_wh ); - $this->info['aspect-ratio'] = new HTMLPurifier_AttrDef_CSS_Composite([ - new HTMLPurifier_AttrDef_CSS_Ratio(), - new HTMLPurifier_AttrDef_Enum(['auto']), - ]); + $this->info['aspect-ratio'] = new HTMLPurifier_AttrDef_CSS_Multiple( + new HTMLPurifier_AttrDef_CSS_Composite([ + new HTMLPurifier_AttrDef_CSS_Ratio(), + new HTMLPurifier_AttrDef_Enum(['auto']), + ]) + ); // text-decoration and related shorthands $this->info['text-decoration'] = new HTMLPurifier_AttrDef_CSS_TextDecoration(); diff --git a/tests/HTMLPurifier/AttrDef/CSSTest.php b/tests/HTMLPurifier/AttrDef/CSSTest.php index dd864575e..cff044ec1 100644 --- a/tests/HTMLPurifier/AttrDef/CSSTest.php +++ b/tests/HTMLPurifier/AttrDef/CSSTest.php @@ -74,6 +74,8 @@ public function test() $this->assertDef('min-width:-50vw;', false); $this->assertDef('aspect-ratio:16/9;'); $this->assertDef('aspect-ratio:auto;'); + $this->assertDef('aspect-ratio:16/9 auto;'); + $this->assertDef('aspect-ratio:auto 16/9;'); $this->assertDef('text-decoration:underline;'); $this->assertDef('text-decoration-line:overline;'); $this->assertDef('text-decoration-style:dashed;');