Added `-` to the whitelist for CSS rules
f712ae718ccc
Actions

Description

Added - to the whitelist for CSS rules

Summary: Fixes T11567. This way people can use things like sans-serif and -webkit-small-control for their "monospaced" font

Test Plan:
I added the hyphen to the regex then was able to set my Monospaced Font to be anything with a hyphen in it.

I also tried to break it pretty extensively, but couldn't find anything that would let me write malicious CSS or JS.

Reviewers: Blessed Reviewers, epriestley

Reviewed By: Blessed Reviewers, epriestley

Subscribers: epriestley, yelirekim

Maniphest Tasks: T11567

Differential Revision: https://secure.phabricator.com/D16519

Details

Provenance

jcox	Authored on Sep 8 2016, 3:29 AM
jcox	Pushed on Sep 8 2016, 8:29 PM

Reviewer

Blessed Reviewers

Differential Revision

D16519: Added `-` to the whitelist for CSS rules

Parents

rP0030bda17ea3: Check if app is installed for user before displying

Branches

Unknown

Tags

Unknown

Tasks

T11567: Allow dashes in monospace font preferences

Build Status

Buildable 13640
Build 17580: Run Core Tests

Event Timeline

jcox added a task: T11567: Allow dashes in monospace font preferences.Sep 8 2016, 8:29 PM

jcox committed rPf712ae718ccc: Added `-` to the whitelist for CSS rules (authored by jcox).Sep 8 2016, 3:44 AM

Harbormaster completed building B13640: rPf712ae718ccc: Added `-` to the whitelist for CSS rules.Sep 8 2016, 8:30 PM

joshuaspence mentioned this in T11610: Call to a member function getCommitDetail() on a non-object.Sep 8 2016, 10:46 PM

Changes (1)

Path

Size

src/

applications/

settings/

setting/

PhabricatorMonospacedFontSetting.php

rPf712ae718ccc

View Options

src/applications/settings/setting/PhabricatorMonospacedFontSetting.php