Revision: 3759
Author: [email protected]
Date: Sat Sep 26 18:46:46 2009
Log: Bug 529: PARAM VALUETYPE=ref VALUE=... should be more clearly banned
http://codereview.appspot.com/124044

http://code.google.com/p/google-caja/issues/detail?id=529

Removed HTML attributes from whitelists that are on disallowed elements.

[email protected]

http://code.google.com/p/google-caja/source/detail?r=3759

Modified:
 /trunk/src/com/google/caja/lang/html/html4-attributes-whitelist.json
 /trunk/tests/com/google/caja/plugin/templates/TemplateSanitizerTest.java

=======================================
--- /trunk/src/com/google/caja/lang/html/html4-attributes-whitelist.json Wed May 13 14:07:05 2009
+++ /trunk/src/com/google/caja/lang/html/html4-attributes-whitelist.json Sat Sep 26 18:46:46 2009
@@ -15,11 +15,9 @@
       "TEXTAREA::ACCESSKEY",
       "FORM::ACTION",
       "CAPTION::ALIGN",
-      "APPLET::ALIGN",
       "IFRAME::ALIGN",
       "IMG::ALIGN",
       "INPUT::ALIGN",
-      "OBJECT::ALIGN",
       "LEGEND::ALIGN",
       "TABLE::ALIGN",
       "HR::ALIGN",
@@ -40,13 +38,10 @@
       "THEAD::ALIGN",
       "TR::ALIGN",
       "BODY::ALINK",
-      "APPLET::ALT",
-      "AREA::ALT",
+     "AREA::ALT",
       "IMG::ALT",
       "INPUT::ALT",
-      "APPLET::ARCHIVE",
-      "OBJECT::ARCHIVE",
-      "TD::AXIS",
+     "TD::AXIS",
       "TH::AXIS",
       "BODY::BACKGROUND",
       "TABLE::BGCOLOR",
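Review bot: The re-added lines `+     "AREA::ALT",` and `+     "TD::AXIS",` carry five leading spaces where the surrounding entries carry six, so they are whitespace-only changes that leave the list unevenly indented; the same pattern appears with `"FONT::COLOR"` in the `@@ -81` hunk and with `"*::ID"` and `"LINK::MEDIA"` in the `@@ -127` hunk. Restoring the six-space indent on those five lines turns them back into context and leaves the diff showing only the genuine whitelist removals, which makes a security-relevant change like this one much easier to audit.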
@@ -56,7 +51,6 @@
       "BODY::BGCOLOR",
       "TABLE::BORDER",
       "IMG::BORDER",
-      "OBJECT::BORDER",
       "TABLE::CELLPADDING",
       "TABLE::CELLSPACING",
       "COL::CHAR",
@@ -81,15 +75,8 @@
       "DEL::CITE",
       "INS::CITE",
       "*::CLASS",
-      "OBJECT::CLASSID",
       "BR::CLEAR",
-      "APPLET::CODE",
-      "OBJECT::CODEBASE",
-      "APPLET::CODEBASE",
-      "OBJECT::CODETYPE",
-      "BASEFONT::COLOR",
-      "FONT::COLOR",
-      "FRAMESET::COLS",
+     "FONT::COLOR",
       "TEXTAREA::COLS",
       "TD::COLSPAN",
       "TH::COLSPAN",
@@ -98,14 +85,10 @@
       "MENU::COMPACT",
       "OL::COMPACT",
       "UL::COMPACT",
-      "META::CONTENT",
       "AREA::COORDS",
       "A::COORDS",
-      "OBJECT::DATA",
       "DEL::DATETIME",
       "INS::DATETIME",
-      "OBJECT::DECLARE",
-      "SCRIPT::DEFER",
       "*::DIR",
       "BDO::DIR",
       "BUTTON::DISABLED",
@@ -115,11 +98,9 @@
       "SELECT::DISABLED",
       "TEXTAREA::DISABLED",
       "FORM::ENCTYPE",
-      "BASEFONT::FACE",
       "FONT::FACE",
       "LABEL::FOR",
       "TABLE::FRAME",
-      "FRAME::FRAMEBORDER",
       "IFRAME::FRAMEBORDER",
       "TD::HEADERS",
       "TH::HEADERS",
@@ -127,41 +108,29 @@
       "TD::HEIGHT",
       "TH::HEIGHT",
       "IMG::HEIGHT",
-      "OBJECT::HEIGHT",
-      "APPLET::HEIGHT",
       "A::HREF",
       "AREA::HREF",
       "LINK::HREF",
-      "BASE::HREF",
       "A::HREFLANG",
       "LINK::HREFLANG",
-      "APPLET::HSPACE",
       "IMG::HSPACE",
-      "OBJECT::HSPACE",
-      "META::HTTP-EQUIV",
-      "*::ID",
+     "*::ID",
       "IMG::ISMAP",
       "INPUT::ISMAP",
       "OPTION::LABEL",
       "OPTGROUP::LABEL",
       "*::LANG",
-      "SCRIPT::LANGUAGE",
       "BODY::LINK",
       "IMG::LONGDESC",
-      "FRAME::LONGDESC",
       "IFRAME::LONGDESC",
-      "FRAME::MARGINHEIGHT",
       "IFRAME::MARGINHEIGHT",
-      "FRAME::MARGINWIDTH",
       "IFRAME::MARGINWIDTH",
       "INPUT::MAXLENGTH",
-      "STYLE::MEDIA",
-      "LINK::MEDIA",
+     "LINK::MEDIA",
       "FORM::METHOD",
       "SELECT::MULTIPLE",
       "BUTTON::NAME",
       "TEXTAREA::NAME",
-      "APPLET::NAME",
       "SELECT::NAME",
       "FORM::NAME",
       "FRAME::NAME",
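Review bot: `"FRAME::NAME"` survives as context at the end of this hunk while every other `FRAME::` entry is removed (`FRAMEBORDER`, `LONGDESC`, `MARGINHEIGHT`, `MARGINWIDTH` here; `NORESIZE`, `SCROLLING` and `SRC` in the later hunks), and the parallel `"APPLET::NAME"` is dropped a few lines above. If FRAME is one of the disallowed elements the log message refers to, which the other removals suggest, this entry should go too so the whitelist does not imply a partially allowed element. If it is kept deliberately, the reason belongs in the commit log, since the JSON file has nowhere to record it.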
@@ -169,16 +138,11 @@
       "IMG::NAME",
       "A::NAME",
       "INPUT::NAME",
-      "OBJECT::NAME",
       "MAP::NAME",
-      "PARAM::NAME",
-      "META::NAME",
       "AREA::NOHREF",
-      "FRAME::NORESIZE",
       "HR::NOSHADE",
       "TD::NOWRAP",
       "TH::NOWRAP",
-      "APPLET::OBJECT",
       "A::ONBLUR",
       "AREA::ONBLUR",
       "BUTTON::ONBLUR",
@@ -201,7 +165,6 @@
       "*::ONKEYDOWN",
       "*::ONKEYPRESS",
       "*::ONKEYUP",
-      "FRAMESET::ONLOAD",
       "BODY::ONLOAD",
       "*::ONMOUSEDOWN",
       "*::ONMOUSEMOVE",
@@ -212,25 +175,19 @@
       "INPUT::ONSELECT",
       "TEXTAREA::ONSELECT",
       "FORM::ONSUBMIT",
-      "FRAMESET::ONUNLOAD",
       "BODY::ONUNLOAD",
-      "HEAD::PROFILE",
-      "ISINDEX::PROMPT",
       "TEXTAREA::READONLY",
       "INPUT::READONLY",
       "A::REL",
       "LINK::REL",
       "A::REV",
       "LINK::REV",
-      "FRAMESET::ROWS",
       "TEXTAREA::ROWS",
       "TD::ROWSPAN",
       "TH::ROWSPAN",
       "TABLE::RULES",
-      "META::SCHEME",
       "TD::SCOPE",
       "TH::SCOPE",
-      "FRAME::SCROLLING",
       "IFRAME::SCROLLING",
       "OPTION::SELECTED",
       "AREA::SHAPE",
@@ -242,12 +199,9 @@
       "SELECT::SIZE",
       "COL::SPAN",
       "COLGROUP::SPAN",
-      "SCRIPT::SRC",
       "INPUT::SRC",
-      "FRAME::SRC",
       "IFRAME::SRC",
       "IMG::SRC",
-      "OBJECT::STANDBY",
       "OL::START",
       "*::STYLE",
       "TABLE::SUMMARY",
@@ -255,22 +209,16 @@
       "AREA::TABINDEX",
       "BUTTON::TABINDEX",
       "INPUT::TABINDEX",
-      "OBJECT::TABINDEX",
       "SELECT::TABINDEX",
       "TEXTAREA::TABINDEX",
       "A::TARGET",
       "AREA::TARGET",
-      "BASE::TARGET",
       "FORM::TARGET",
       "LINK::TARGET",
       "BODY::TEXT",
       "*::TITLE",
       "A::TYPE",
       "LINK::TYPE",
-      "OBJECT::TYPE",
-      "PARAM::TYPE",
-      "SCRIPT::TYPE",
-      "STYLE::TYPE",
       "INPUT::TYPE",
       "LI::TYPE",
       "OL::TYPE",
@@ -278,7 +226,6 @@
       "BUTTON::TYPE",
       "IMG::USEMAP",
       "INPUT::USEMAP",
-      "OBJECT::USEMAP",
       "COL::VALIGN",
       "COLGROUP::VALIGN",
       "TBODY::VALIGN",
@@ -289,23 +236,17 @@
       "TR::VALIGN",
       "INPUT::VALUE",
       "OPTION::VALUE",
-      "PARAM::VALUE",
       "BUTTON::VALUE",
       "LI::VALUE",
-      "PARAM::VALUETYPE",
       "HTML::VERSION",
       "BODY::VLINK",
-      "APPLET::VSPACE",
       "IMG::VSPACE",
-      "OBJECT::VSPACE",
       "HR::WIDTH",
       "IFRAME::WIDTH",
       "IMG::WIDTH",
-      "OBJECT::WIDTH",
       "TABLE::WIDTH",
       "TD::WIDTH",
       "TH::WIDTH",
-      "APPLET::WIDTH",
       "COL::WIDTH",
       "COLGROUP::WIDTH",
       "PRE::WIDTH"
=======================================
--- /trunk/tests/com/google/caja/plugin/templates/TemplateSanitizerTest.java Thu Sep 24 14:16:36 2009
+++ /trunk/tests/com/google/caja/plugin/templates/TemplateSanitizerTest.java Sat Sep 26 18:46:46 2009
@@ -108,8 +108,8 @@
htmlFragment(fromString("<meta http-equiv='refresh' content='1'/>")),
         "",
         "WARNING: removing disallowed tag meta",
- "WARNING: removing attribute content when folding meta into parent",
- "WARNING: removing attribute http-equiv when folding meta into parent");
+        "WARNING: removing disallowed attribute http-equiv on tag meta",
+        "WARNING: removing disallowed attribute content on tag meta");
   }
   public final void testDisallowedElement4() throws Exception {
     assertValid(
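Review bot: The only test change visible covers the META case, while the log title names PARAM VALUETYPE=ref as the bug being fixed; unless a PARAM case already exists elsewhere in TemplateSanitizerTest, add one that passes a `<param valuetype='ref' value='...'/>` fragment through `assertValid` and expects an empty result plus "removing disallowed tag"/"removing disallowed attribute ... on tag param" warnings in the same form as the two new lines here, so the whitelist removal of `PARAM::VALUE` and `PARAM::VALUETYPE` is pinned by a test. The two new expectations list http-equiv before content, the reverse of the lines they replace, which appears to depend on attribute iteration order in the sanitizer; worth confirming that order is stable rather than incidental. The enclosing test method starts before this hunk, and `testDisallowedElement4` continues past it.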
