Fix : CSS Child Combinator Parsing Bug (#297)
* Fix : Bug in HTMLStreamRendering for Child Combinator CSS

* Fix : ChildCombinator CSS Parsing Issue

---------

Co-authored-by: Mike Samuel <[email protected]>
subbudvk and mikesamuel authored Jan 15, 2024
1 parent 5b420f9 commit 6b3cebd
Showing 2 changed files with 37 additions and 2 deletions.
2 changes: 1 addition & 1 deletion src/main/java/org/owasp/html/HtmlStreamRenderer.java
Expand Up @@ -341,7 +341,7 @@ private static int checkHtmlCdataCloseable(
}
break;
case '>':
if (i >= 2 && sb.charAt(i - 2) == '-' && sb.charAt(i - 2) == '-') {
if (i >= 2 && sb.charAt(i - 2) == '-' && sb.charAt(i - 1) == '-') {
if (innerStart < 0) { return i - 2; }
// Merged start and end like <!--->
if (innerStart + 6 > i) { return innerStart; }
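Review bot: The corrected condition on the new `if` line now recognises `-->` only when both characters before `>` are `-`, but nothing in the hunk records why the old check was wrong, and the enclosing method checkHtmlCdataCloseable begins and ends outside the hunk. The old test compared `sb.charAt(i - 2)` twice, so any `-x>` was taken as a comment close; the `-1>` in a selector such as `.hdg-1>._inner` is exactly that shape, which is how a CSS child combinator ended a supposed comment early. A comment above the line, e.g. `// "-->" ends the embedded comment; both chars before '>' must be '-' (a lone '-' at i - 2 matched "-1>" in ".hdg-1>")`, would keep the next maintainer from reintroducing the shortcut. Separately, an HTML parser also ends a comment at `--!>`; if that sequence is not handled elsewhere in the method (not visible here), the renderer and a browser could disagree about where the comment ends, which is worth checking for a sanitizer.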
37 changes: 36 additions & 1 deletion src/test/java/org/owasp/html/HtmlPolicyBuilderTest.java
Expand Up @@ -994,7 +994,7 @@ public static final void testTextareaIsNotTextArea() {
assertEquals("x<textArea>y</textArea>", textAreaPolicy.sanitize(input));
}

@Test
@Test
public static final void testCSSFontSize() {
HtmlPolicyBuilder builder = new HtmlPolicyBuilder();
PolicyFactory factory = builder.allowElements("span")
Expand All @@ -1007,6 +1007,41 @@ public static final void testCSSFontSize() {
assertEquals(toSanitizeMedium, factory.sanitize(toSanitizeMedium));
}

@Test
public static final void testCSSChildCombinator() {
HtmlPolicyBuilder builder = new HtmlPolicyBuilder();

PolicyFactory factory = builder.allowElements("span","style","h1").allowTextIn("style","h1")
.allowAttributes("type").onElements("style").allowStyling()
.toFactory();


String toSanitize = "<style type=\"text/css\">\n"
+ "<!--\n"
+ ".hdg-1 {\n"
+ "width:100%;\n"
+ "}\n"
+ "\n"
+ ".hdg-1>._inner {\n"
+ "background-color: #999;\n"
+ "}\n"
+ "-->\n"
+ "</style>\n"
+ "<h1>Test</h1>\n"
+ "\n"
+ "<style>\n"
+ "<!--\n"
+ ".hdg-1 {\n"
+ "width:100%;\n"
+ "}\n"
+ "\n"
+ ".hdg-1>._inner {\n"
+ "background-color: #666;\n"
+ "}\n"
+ "-->\n"
+ "</style>";
assertEquals(toSanitize, factory.sanitize(toSanitize));
}

private static String apply(HtmlPolicyBuilder b) {
return apply(b, EXAMPLE);
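Review bot: testCSSChildCombinator asserts only that the input comes back unchanged from `factory.sanitize`, and nothing in the test says what made this input trigger the bug; a reader will not notice that `.hdg-1>` ends in `-1>`, the sequence the old `-->` check mistook for a comment close. A one-line comment above `String toSanitize`, e.g. `// Regression for #297: ".hdg-1>" ends in "-1>", which the old "-->" check treated as the end of the comment.`, would pin the intent. The second `<style>` block repeats the first with only the colour changed, so a much shorter input whose selector ends in `-<digit>>` would exercise the same path, and a companion assertion that a real `-->` inside the style text is still treated as a comment close would guard the opposite direction. The first hunk of this file (the duplicated `@Test` line) appears to be a whitespace-only change.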
