From e781faddca7523c6b700d03887b6603488128ced Mon Sep 17 00:00:00 2001
From: Rick Olson <technoweenie@gmail.com>
Date: Sun, 23 Dec 2007 21:07:20 +0000
Subject: Fix HTML Sanitizer to allow trailing spaces in CSS style attributes. 
 Closes #10566 [wesley.moxam]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8485 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
---
 actionpack/test/controller/html-scanner/sanitizer_test.rb | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'actionpack/test/controller')

diff --git a/actionpack/test/controller/html-scanner/sanitizer_test.rb b/actionpack/test/controller/html-scanner/sanitizer_test.rb
index 8fe9bbc5e8..a9f4e88742 100644
--- a/actionpack/test/controller/html-scanner/sanitizer_test.rb
+++ b/actionpack/test/controller/html-scanner/sanitizer_test.rb
@@ -203,6 +203,12 @@ class SanitizerTest < Test::Unit::TestCase
     assert_equal expected, sanitize_css(raw)
   end
 
+  def test_should_sanitize_with_trailing_space
+	raw = "display:block; "
+	expected = "display: block;"
+	assert_equal expected, sanitize_css(raw)
+  end
+
   def test_should_sanitize_xul_style_attributes
     raw = %(-moz-binding:url('http://ha.ckers.org/xssmoz.xml#xss'))
     assert_equal '', sanitize_css(raw)
@@ -247,4 +253,4 @@ protected
   def sanitize_css(input)
     (@sanitizer ||= HTML::WhiteListSanitizer.new).sanitize_css(input)
   end
-end
\ No newline at end of file
+end
-- 
cgit v1.2.3