Prevent removing elements that have freeform attributes
westonruter committed Feb 8, 2018
1 parent 79b8b83 commit 1becc63
Showing 2 changed files with 11 additions and 1 deletion.
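--- a/includes/sanitizers/class-amp-tag-and-attribute-sanitizer.php
+++ b/includes/sanitizers/class-amp-tag-and-attribute-sanitizer.php
@@ -530,6 +530,12 @@ private function validate_attr_spec_list_for_node( $node, $attr_spec_list ) {
 */
 foreach ( $attr_spec_list as $attr_name => $attr_spec_rule ) {
 
+// If attr spec rule is empty, then it allows anything.
+if ( empty( $attr_spec_rule ) && $node->hasAttribute( $attr_name ) ) {
+$score++;
+continue;
+}
+
 // If a mandatory attribute is required, and attribute exists, pass.
 if ( isset( $attr_spec_rule[ AMP_Rule_Spec::MANDATORY ] ) ) {
 $result = $this->check_attr_spec_rule_mandatory( $node, $attr_name, $attr_spec_rule );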
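Review bot: The new early-accept branch in `validate_attr_spec_list_for_node()` tests `empty( $attr_spec_rule )`, which in PHP is also true for `null`, `false`, `''` and `0`, so a missing or malformed spec entry would be scored as "allows anything" instead of being rejected. Because this is the sanitizer's allowlist check, the condition should fail closed by matching only a real empty rule array, e.g. `if ( array() === $attr_spec_rule && $node->hasAttribute( $attr_name ) ) {`. Whether `$attr_spec_list` can actually carry non-array values is not visible in this hunk, so treat this as hardening. The comment could also state that the value is accepted unchecked on this path: `// An empty attr spec rule puts no constraint on the value, so presence alone counts as a match.` The function starts and ends outside the hunk.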
6 changes: 5 additions & 1 deletion tests/test-tag-and-attribute-sanitizer.php
@@ -755,7 +755,7 @@ public function get_html_data() {
),
'bad_meta_ua_compatible' => array(
'<html amp><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=9,chrome=1"></head><body></body></html>',
'<html amp><head><meta charset="utf-8"></head><body></body></html>',
'<html amp><head><meta charset="utf-8"><meta content="IE=9,chrome=1"></head><body></body></html>', // Note the http-equiv is removed because the content violates its attribute spec.
),
'bad_meta_charset' => array(
'<html amp><head><meta charset="latin-1"><title>Mojibake?</title></head><body></body></html>',
@@ -773,6 +773,10 @@ public function get_html_data() {
'<html amp><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,height=device-height,initial-scale=2,maximum-scale=3,minimum-scale=1.0,shrink-to-fit=yes,user-scalable=yes,viewport-fit=cover"></head><body></body></html>',
null, // No change.
),
'meta_og_property' => array(
'<html amp><head><meta charset="utf-8"><meta property="og:site_name" content="AMP Site"></head><body></body></html>',
null, // No change.
),
);

// Also include the body tests.
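Review bot: Both changed test cases only pin what the sanitizer now keeps; nothing here checks that a freeform-attribute match does not shelter an attribute the spec does not list. Next to `'meta_og_property'`, add a negative case (constructed example) such as `'meta_og_property_unknown_attr' => array( '…<meta property="og:site_name" content="AMP Site" bogus="1">…', '…<meta property="og:site_name" content="AMP Site">…' ),`, with the expected output set to whatever the sanitizer is meant to produce. The updated `'bad_meta_ua_compatible'` expectation also leaves a `<meta content="IE=9,chrome=1">` with no `name`, `property` or `http-equiv` in the output; if that bare element is not meant to pass validation, the test should say so rather than record it as the expected result. `get_html_data()` starts and ends outside these hunks.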
