Imported Upstream version 1.2.2upstream/1.2.2

author: Per Andersson <avtobiff@gmail.com> 2013-06-09 19:45:54 +0200
committer: Per Andersson <avtobiff@gmail.com> 2013-06-09 19:45:54 +0200
commit: fac84c6d90e0875e6c1b10c5ef02d577ee008af4 (patch)
tree: 4080efdb87c814d5dc409e9e87aa449f4b273ff3 /bleach/sanitizer.py
parent: 38dc3b8f231cf36bcc771001318556d9e84c2889 (diff)
download: python-bleach-fac84c6d90e0875e6c1b10c5ef02d577ee008af4.tar
python-bleach-fac84c6d90e0875e6c1b10c5ef02d577ee008af4.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/bleach/sanitizer.py b/bleach/sanitizer.py
index 677287e..4640012 100644
--- a/bleach/sanitizer.py
+++ b/bleach/sanitizer.py
@@ -6,6 +6,10 @@ from html5lib.sanitizer import HTMLSanitizerMixin
 from html5lib.tokenizer import HTMLTokenizer
 
 
+PROTOS = HTMLSanitizerMixin.acceptable_protocols
+PROTOS.remove('feed')
+
+
 class BleachSanitizerMixin(HTMLSanitizerMixin):
     """Mixin to replace sanitize_token() and sanitize_css()."""
 
@@ -108,7 +112,7 @@ class BleachSanitizerMixin(HTMLSanitizerMixin):
         # TODO: Make sure this does what it's meant to - I *think* it wants to
         # validate style attribute contents.
         parts = style.split(';')
-        gauntlet = re.compile("""^([-/:,#%.'\sa-zA-Z0-9!]|\w-\w|'[\s\w]+'\s*"""
+        gauntlet = re.compile("""^([-/:,#%.'"\sa-zA-Z0-9!]|\w-\w|'[\s\w]+'\s*"""
                               """|"[\s\w]+"|\([\d,%\.\s]+\))*$""")
         for part in parts:
             if not gauntlet.match(part):
author	Per Andersson <avtobiff@gmail.com>	2013-06-09 19:45:54 +0200
committer	Per Andersson <avtobiff@gmail.com>	2013-06-09 19:45:54 +0200
commit	fac84c6d90e0875e6c1b10c5ef02d577ee008af4 (patch)
tree	4080efdb87c814d5dc409e9e87aa449f4b273ff3 /bleach/sanitizer.py
parent	38dc3b8f231cf36bcc771001318556d9e84c2889 (diff)
download	python-bleach-fac84c6d90e0875e6c1b10c5ef02d577ee008af4.tar python-bleach-fac84c6d90e0875e6c1b10c5ef02d577ee008af4.tar.gz