What I already tried:
Loofah::HTML5::WhiteList::ACCEPTABLE_CSS_FUNCTIONS.add 'url'
Loofah::HTML5::WhiteList::ACCEPTABLE_CSS_PROPERTIES.add 'background-image'
But
Rails::Html::WhiteListSanitizer.new.sanitize_css 'background-image: url(https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png);'
returns ""
Testing with rgb:
Rails::Html::WhiteListSanitizer.new.sanitize_css 'background-image: rgb(https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png);'
returns
'background-image:rgb(https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png);'
With Loofah::HTML5::Scrub.scrub_css I have the same results.
Loofah version: 2.13.0
Rails version: 6.1.4.4
Tested in Rails Console
CodePudding user response:
I'm afraid it doesn't work because the url filter is hardcoded.
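If, as this answer says, the url filter cannot be enabled through the allowlists, one option is to validate `background-image: url(...)` declarations separately under a strict allowlist and pass only the remaining declarations to the sanitizer. The following is an added example, not code from the original post or from Loofah or Rails; `ALLOWED_IMAGE_HOSTS`, `safe_background_image` and `partition_style` are hypothetical names, and the host list is an assumption.

```ruby
require "uri"

# Assumption: hosts trusted to serve background images (hypothetical allowlist).
ALLOWED_IMAGE_HOSTS = %w[www.google.com].freeze

# Exactly one declaration: background-image: url(<token>), optionally quoted.
# The token may not contain quotes, backslashes, parentheses, whitespace or
# semicolons, so CSS escapes or extra declarations cannot ride along.
BG_IMAGE_URL = /\A\s*background-image\s*:\s*url\(\s*(["']?)([\w\-.~:\/?@&=%+#]+)\1\s*\)\s*\z/i

# Returns a normalized declaration, or nil when the value is not acceptable.
def safe_background_image(declaration)
  m = BG_IMAGE_URL.match(declaration)
  return nil unless m
  uri = URI.parse(m[2])
  # Only plain https on the default port, no embedded credentials.
  return nil unless uri.is_a?(URI::HTTPS) && uri.userinfo.nil? && uri.port == 443
  return nil unless ALLOWED_IMAGE_HOSTS.include?(uri.host.to_s.downcase)
  %(background-image:url("#{m[2]}");)
rescue URI::InvalidURIError
  nil
end

# Splits a style attribute into [validated background-image declarations, rest].
# `rest` still has to go through the regular CSS sanitizer.
def partition_style(style)
  kept = []
  rest = []
  style.split(";").each do |decl|
    next if decl.strip.empty?
    if decl =~ /\A\s*background-image\s*:/i
      safe = safe_background_image(decl)
      kept << safe if safe # rejected declarations are dropped, not passed on
    else
      rest << decl.strip
    end
  end
  [kept.join, rest.join(";")]
end

# Constructed sample input.
sample = "color: red; background-image: url(https://www.google.com/a.png); width: 10px"
kept, rest = partition_style(sample)
puts kept
puts rest
```

The second return value is meant to be fed to `sanitize_css` as before; only the first is appended to the sanitized output.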