Fixes CNVS-28473
Test plan:
- Visit a page with an editor
- Switch to the HTML view.
- Insert MathML.
- Switch to and from the RCE editor and HTML editor.
- Verify that the MathML remains unchanged.
- Insure that it is not removed or otherwise redacted on save.
Change-Id: I46d55505518f0427fa342eff175a58bdcb0c5284
Reviewed-on: https://gerrit.instructure.com/79588
Tested-by: Jenkins
Reviewed-by: Simon Williams <simon@instructure.com>
Product-Review: Aaron Cannon <acannon@instructure.com>
QA-Review: Pierce Arner <pierce@instructure.com>
in commit 8ae4ba8e, the regex was modified to accept negative
values (e.g., -1.0em), making the \w-\w clause redundant and
causing extremely slow matching in certain pathological cases.
test plan:
- import the Angel package attached to the ticket
- it should complete in a reasonable time (a few minutes,
probably) and definitely should not max out your CPU
for three hours while making no visible progress
fixes CNVS-10820
Change-Id: I582386c25d4d99f362ce2411b0c387bc958a71c5
Reviewed-on: https://gerrit.instructure.com/30074
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
Product-Review: Bracken Mosbacker <bracken@instructure.com>
QA-Review: Nathan Rogowski <nathan@instructure.com>
test plan:
* test the sanitizer through the api by
creating or updating an object with html content
(such as a wiki page body attribute)
* the following html:
<p><style>should ignore this text</style></p>
* should be sanitized to:
<p></p>
fixes #CNVS-5828
Change-Id: I735f031eafdeeb8d7ae05fd977327fb3cc7e9251
Reviewed-on: https://gerrit.instructure.com/21689
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
fixes CNVS-4957
test plan:
- import content containing <font> tags
(such as the course attached to CNVS-4957)
- these should survive the import process
note: the text in the course above won't actually appear in
hebrew unless you have the bwhebb.ttf font installed
but you can inspect the element and see that the <font> tags
are still there
Change-Id: Ifd219097b6a92813892669cb908d2e7c2d9dd4ca
Reviewed-on: https://gerrit.instructure.com/19712
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
Product-Review: Bracken Mosbacker <bracken@instructure.com>
QA-Review: Adam Phillipps <adam@instructure.com>
This is in anticipation of upgrading to sanitize 2.x, so we can upgrade
nokogiri to 1.5.x
test plan: n/a
Change-Id: Ie59459dc2c4baeb48aca54b7ec30384239e06354
Reviewed-on: https://gerrit.instructure.com/7987
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Zach Wily <zach@instructure.com>
Landon Wilkins