From 075499d1b98c387f4200fd59972ca9b15796b51b Mon Sep 17 00:00:00 2001 From: Dylan Armstrong Date: Wed, 21 Feb 2024 14:50:24 +0100 Subject: [PATCH 1/3] fix: ignore source maps when processing with postcss --- index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.js b/index.js index bc62eeb..62404fa 100644 --- a/index.js +++ b/index.js @@ -453,7 +453,7 @@ function sanitizeHtml(html, options, _recursing) { if (a === 'style') { if (options.parseStyleAttributes) { try { - const abstractSyntaxTree = postcssParse(name + ' {' + value + '}'); + const abstractSyntaxTree = postcssParse(name + ' {' + value + '}', { map: false }); const filteredAST = filterCss(abstractSyntaxTree, options.allowedStyles); value = stringifyStyleAttributes(filteredAST); From c376501b9a066479736f0a088fba3492e7122811 Mon Sep 17 00:00:00 2001 From: Dylan Armstrong Date: Wed, 21 Feb 2024 14:52:59 +0100 Subject: [PATCH 2/3] doc: update changelog --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7fe5964..74d7b22 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,8 @@ - Clarified the use of SVGs with a new test and changes to documentation. +- Do not process source maps when processing style tags with PostCSS. + ## 2.11.0 (2023-06-21) - Fix to allow `false` in `allowedClasses` attributes. Thanks to [Kevin Jiang](https://github.com/KevinSJ) for this fix! From 1e2294c8001ce07c89448e03289818da631795ba Mon Sep 17 00:00:00 2001 From: Dylan Armstrong Date: Wed, 21 Feb 2024 15:03:01 +0100 Subject: [PATCH 3/3] test: added test for postcss map --- test/test.js | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/test/test.js b/test/test.js index b315147..9891a8e 100644 --- a/test/test.js +++ b/test/test.js @@ -1659,5 +1659,13 @@ describe('sanitizeHtml', function() { } }), ''); }); + it('should not process style sourceMappingURL with postCSS', () => { + assert.equal(sanitizeHtml('', { + allowedAttributes: { + ...sanitizeHtml.defaults.allowedAttributes, + a: [ 'style' ] + } + }), ''); + }); });