class Sanitize::CSS

def property!(prop)

current config doesn't allow this property.
Sanitizes a CSS property node. Returns the sanitized node, or `nil` if the

def property!(prop)
  name = prop[:name].downcase
  # Preserve IE * and _ hacks if desired.
  if @config[:allow_hacks]
    name.slice!(0) if name =~ /\A[*_]/
  end
  return nil unless @config[:properties].include?(name)
  nodes          = prop[:children].dup
  combined_value = ''
  nodes.each do |child|
    value = child[:value]
    case child[:node]
    when :ident
      combined_value << value if String === value
    when :function
      if child.key?(:name)
        return nil if child[:name].downcase == 'expression'
      end
      if Array === value
        nodes.concat(value)
      elsif String === value
        combined_value << value
        if value.downcase == 'expression' || combined_value.downcase == 'expression'
          return nil
        end
      end
    when :url
      if value =~ Sanitize::REGEX_PROTOCOL
        return nil unless @config[:protocols].include?($1.downcase)
      else
        return nil unless @config[:protocols].include?(:relative)
      end
    when :bad_url
      return nil
    end
  end
  prop
end

Modules

Classes

class Sanitize::CSS

def property!(prop)

Class Methods

Instance Methods