http://codereview.appspot.com/5784076/diff/1/src/com/google/caja/plugin/sanitizecss.js File src/com/google/caja/plugin/sanitizecss.js (right):
http://codereview.appspot.com/5784076/diff/1/src/com/google/caja/plugin/sanitizecss.js#newcode401 src/com/google/caja/plugin/sanitizecss.js:401: if ('undefined' !== typeof console) { Can you add a TODO here to use a logger rather than calling console directly. In the playground and other circumstances, these messages might want to be channeled elsewhere. http://codereview.appspot.com/5784076/diff/1/src/com/google/caja/plugin/sanitizecss.js#newcode495 src/com/google/caja/plugin/sanitizecss.js:495: sanitizeCssProperty(property, valueArray, sanitizeUri); I think you need to pass schema here, not property. In sanitizeCssProperty, you're looking up cssPropBits property on the first arg fr'instance. Hmm, your tests shouldn't be passing in this case. http://codereview.appspot.com/5784076/diff/1/tests/com/google/caja/plugin/CssRewriterTest.java File tests/com/google/caja/plugin/CssRewriterTest.java (right): http://codereview.appspot.com/5784076/diff/1/tests/com/google/caja/plugin/CssRewriterTest.java#newcode106 tests/com/google/caja/plugin/CssRewriterTest.java:106: for (Expression testCase : ((ArrayConstructor) testcases.getValueExpr()).children()) { wrap. http://codereview.appspot.com/5784076/
