Added `-` to the whitelist for CSS rules
f712ae718cccUnpublished
Actions

Unpublished Commit · Learn More

Repository Importing: This repository is still importing.

Added - to the whitelist for CSS rules

Summary: Fixes T11567. This way people can use things like sans-serif and -webkit-small-control for their "monospaced" font

Test Plan:
I added the hyphen to the regex then was able to set my Monospaced Font to be anything with a hyphen in it.

I also tried to break it pretty extensively, but couldn't find anything that would let me write malicious CSS or JS.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, yelirekim

Maniphest Tasks: T11567

Provenance

Josh Cox <joshcox@uberatc.com>

Authored on Sep 8 2016, 5:29 AM

Parents

Branches

Unknown

Tags

Unknown

Josh Cox <joshcox@uberatc.com> committed rPHABf712ae718ccc: Added `-` to the whitelist for CSS rules (authored by Josh Cox <joshcox@uberatc.com>).Sep 8 2016, 5:44 AM

Path

Size

src/

applications/

settings/

setting/