Skip to content

Commit

Permalink
using qualified node names
Browse files Browse the repository at this point in the history
Correct processing of attributes like xml:space
  • Loading branch information
igor-krein authored May 31, 2024
1 parent 6a2c069 commit 436e592
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions src/Sanitizer.php
Original file line number Diff line number Diff line change
Expand Up @@ -363,7 +363,7 @@ protected function startClean(\DOMNodeList $elements, array $elementsToRemove)
$breaksOutOfForeignContent = false;
for ($x = $currentElement->attributes->length - 1; $x >= 0; $x--) {
// get attribute name
$attrName = $currentElement->attributes->item( $x )->name;
$attrName = $currentElement->attributes->item( $x )->nodeName;

if (in_array(strtolower($attrName), ['face', 'color', 'size'])) {
$breaksOutOfForeignContent = true;
Expand Down Expand Up @@ -398,7 +398,7 @@ protected function cleanAttributesOnWhitelist(\DOMElement $element)
{
for ($x = $element->attributes->length - 1; $x >= 0; $x--) {
// get attribute name
$attrName = $element->attributes->item($x)->name;
$attrName = $element->attributes->item($x)->nodeName;

// Remove attribute if not in whitelist
if (!in_array(strtolower($attrName), $this->allowedAttrs) && !$this->isAriaAttribute(strtolower($attrName)) && !$this->isDataAttribute(strtolower($attrName))) {
Expand Down

0 comments on commit 436e592

Please sign in to comment.