Page MenuHomePhabricator

Added `-` to the whitelist for CSS rules
ClosedPublic

Authored by jcox on Sep 8 2016, 8:25 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Dec 13, 3:45 AM
Unknown Object (File)
Thu, Dec 5, 10:11 PM
Unknown Object (File)
Thu, Nov 28, 9:15 AM
Unknown Object (File)
Nov 9 2024, 12:17 PM
Unknown Object (File)
Nov 4 2024, 2:30 PM
Unknown Object (File)
Oct 21 2024, 9:53 PM
Unknown Object (File)
Oct 19 2024, 6:13 PM
Unknown Object (File)
Oct 16 2024, 1:16 AM

Details

Summary

Fixes T11567. This way people can use things like sans-serif and -webkit-small-control for their "monospaced" font

Test Plan

I added the hyphen to the regex then was able to set my Monospaced Font to be anything with a hyphen in it.

I also tried to break it pretty extensively, but couldn't find anything that would let me write malicious CSS or JS.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

jcox retitled this revision from to Added `-` to the whitelist for CSS rules.
jcox updated this object.
jcox edited the test plan for this revision. (Show Details)
jcox edited edge metadata.
This revision is now accepted and ready to land.Sep 8 2016, 8:26 PM
This revision was automatically updated to reflect the committed changes.