Comments (4)
Browser behavior is to take the last command, so that's what HTML Purifier does too.
Support for double commands should be easy to implement (just stop putting the finished CSS properties in a property-based array, see library/HTMLPurifier/AttrDef/CSS.php
but it needs to be gated behind a configuration option.)
from htmlpurifier.
OK, fixed with new config CSS.AllowDuplicates.
from htmlpurifier.
Thanks! You said for point 1 that HTML Purifier return last command. I can't this confirm. Show my code and result of it:
$config = HTMLPurifier_Config::createDefault();
$config->set('Filter.ExtractStyleBlocks', TRUE);
$purifier = new HTMLPurifier($config);
$html = $purifier->purify('<style>.test{color:red;color:blue;color:green;}</style>');
$output_css = $purifier->context->get('StyleBlocks');
echo $output_css[0];
Result is:
.test {
color:#FF0000
}
#FF0000 is red and the first command.
from htmlpurifier.
Oh. I know what's going on, and the patch I just pushed isn't going to help you. The problem is that for ExtractStyleBlocks, CSS parsing is done by CSSTidy, which seems to incorrectly deduplicate duplicate styles. There's not much I can do to fix this, since CSSTidy is not my project. I wonder if https://github.com/Cerdic/CSSTidy has fixed this bug; they might be interested in a no-deduplicate mode.
from htmlpurifier.
Related Issues (20)
- URI schemas with dashes HOT 2
- Support for conditional HTML commenting e.g. `<!--[if mso]>` HOT 6
- Getting Error: Request exceeds maximum allowed text size of 50 KB HOT 2
- How to remove JavaScript & hyperlinks from HTML?
- Deprecations for preg_match, preg_replace_callback and null argument
- Unchecked input in HTMLPurifier_UnitConverter round() function HOT 3
- PHP 8.3 deprecate second param to array_keys
- Allow commas in tel URIs HOT 2
- [Enduser Customize] - Can not allow heading elements (h1, h2, h3, h4, h5, h6) as Block elements HOT 4
- How to add global attribute for all elements?
- `DirectLex` will cause PHP error HOT 2
- Image alt tag not saved if user inputs it
- composer error!pls update! HOT 1
- CSS pseudo class "has()" not supported
- Using HTML comments between nested tables nodes raises an exception HOT 1
- website is not up to date HOT 2
- False postive "x<y" HOT 1
- The behavior for blank node parsing changed in later versions of PHP. HOT 2
- Config Core.AllowHostnameUnderscore work incorrectly HOT 1
- UNC path with Backslash character don't work
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from htmlpurifier.