From fac84c6d90e0875e6c1b10c5ef02d577ee008af4 Mon Sep 17 00:00:00 2001
From: Per Andersson <avtobiff@gmail.com>
Date: Sun, 9 Jun 2013 19:45:54 +0200
Subject: Imported Upstream version 1.2.2

---
 bleach/sanitizer.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'bleach/sanitizer.py')

diff --git a/bleach/sanitizer.py b/bleach/sanitizer.py
index 677287e..4640012 100644
--- a/bleach/sanitizer.py
+++ b/bleach/sanitizer.py
@@ -6,6 +6,10 @@ from html5lib.sanitizer import HTMLSanitizerMixin
 from html5lib.tokenizer import HTMLTokenizer
 
 
+PROTOS = HTMLSanitizerMixin.acceptable_protocols
+PROTOS.remove('feed')
+
+
 class BleachSanitizerMixin(HTMLSanitizerMixin):
     """Mixin to replace sanitize_token() and sanitize_css()."""
 
@@ -108,7 +112,7 @@ class BleachSanitizerMixin(HTMLSanitizerMixin):
         # TODO: Make sure this does what it's meant to - I *think* it wants to
         # validate style attribute contents.
         parts = style.split(';')
-        gauntlet = re.compile("""^([-/:,#%.'\sa-zA-Z0-9!]|\w-\w|'[\s\w]+'\s*"""
+        gauntlet = re.compile("""^([-/:,#%.'"\sa-zA-Z0-9!]|\w-\w|'[\s\w]+'\s*"""
                               """|"[\s\w]+"|\([\d,%\.\s]+\))*$""")
         for part in parts:
             if not gauntlet.match(part):
-- 
cgit v1.2.3