[Checkins] SVN: Sandbox/malthe/chameleon.html/ Remove quotes for attribute values.
Malthe Borch
mborch at gmail.com
Tue Nov 18 20:40:22 EST 2008
Log message for revision 93116:
Remove quotes for attribute values.
Changed:
U Sandbox/malthe/chameleon.html/CHANGES.txt
U Sandbox/malthe/chameleon.html/src/chameleon/html/xss.py
-=-
Modified: Sandbox/malthe/chameleon.html/CHANGES.txt
===================================================================
--- Sandbox/malthe/chameleon.html/CHANGES.txt 2008-11-19 01:39:24 UTC (rev 93115)
+++ Sandbox/malthe/chameleon.html/CHANGES.txt 2008-11-19 01:40:21 UTC (rev 93116)
@@ -4,6 +4,9 @@
HEAD
~~~~
+- Remove quotes which may be used on attribute values to comply with
+ CSS3, e.g. dot ('.'). [malthe]
+
chameleon.html 0.5 (released 11/13/2008)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Modified: Sandbox/malthe/chameleon.html/src/chameleon/html/xss.py
===================================================================
--- Sandbox/malthe/chameleon.html/src/chameleon/html/xss.py 2008-11-19 01:39:24 UTC (rev 93115)
+++ Sandbox/malthe/chameleon.html/src/chameleon/html/xss.py 2008-11-19 01:40:21 UTC (rev 93116)
@@ -1,4 +1,6 @@
from cssutils.parse import CSSParser
+
+import re
import chameleon.core.config
class Element(object):
@@ -17,6 +19,8 @@
namespace = 'xmlns'
namespaces = {namespace: chameleon.core.config.XHTML_NS}
+re_unqoute = re.compile(r'["\']')
+
def parse_xss(stream):
elements = []
@@ -28,7 +32,7 @@
properties = {}
for prop in rule.style:
- properties[str(prop.name)] = prop.value
+ properties[str(prop.name)] = re_unqoute.sub("", prop.value)
for selector in rule.selectorList:
selectors = []
More information about the Checkins
mailing list