I am using AntiSamy in a .Net project. I would like to leave the style attributes for the <span> tags, intact. I tried to modify the policy but anything I do, i get the same result... From this:
<p><span style="font-size:10px"><span style="font-family:arial">Name here<br />
To this:
<p><span style=""><span style="">Name here<br />
After looking through the policy file i saw this comment there:
<!-- the "style" attribute will be validated by an inline stylesheet scanner, so no need to define anything here - i hate having to special case this but no other choice -->
Here i have some questions...
What does this commented line in the policy xml file mean?
Do i have to make changes for the style attribute in the <common-attributes> or this doesn't touch the style attributes in the <span> tags?
Do i have to make the change only in the <tag name="span" action="validate"/> under the <tag-rules> for the style attribute content to be intact?
Thank you in advance.
The "style" attribute is a special case in AntiSamy (as value of style attribute consists of a list of property-value pairs).
style="font-size:10px; color:red;"
The value of style attribute is scanned by special scanner an inline stylesheet scanner. This validation is not trivial as for other tag attributes, as each property in the "style" itself should follow some rules. A section has to be defined for these rules For example,
<css-rules>
<property name="font-size" >
<category-list>
<category value="visual" />
</category-list>
<literal-list>
<literal value="inherit" />
</literal-list>
<regexp-list>
<regexp name="length" />
</regexp-list>
</property>
</css-rules>
The css property font-size will be validated against the rules defined in the css-rules. Here the regular expression length is defined in the common regular expressions section as
<regexp name="length"
value="((-|\+)?0|(-|\+)?([0-9]+(\.[0-9]+)?)(em|ex|px|in|cm|mm|pt|pc))" />
There is no change in common-attributes or tag-rules section.