N°5298 - Add class HTML attribute to most HTML tags in the HTMLDOMSanitizer

2026-02-12 23:14:18 +01:00 · 2024-05-24 22:53:30 +02:00
parent 9bf0addc9c
commit 25af60d8df
1 changed files with 31 additions and 31 deletions
--- a/core/htmlsanitizer.class.inc.php
+++ b/core/htmlsanitizer.class.inc.php
@@ -278,37 +278,37 @@ class HTMLDOMSanitizer extends DOMSanitizer
 	protected static $aTagsWhiteList = array(
 		'html' => array(),
 		'body' => array(),
-		'a' => array('href', 'name', 'style', 'target', 'title', 'data-role', 'data-object-class', 'data-object-id'),
-		'p' => array('style'),
-		'blockquote' => array('style'),
+		'a' => array('href', 'name', 'style', 'class', 'target', 'title', 'data-role', 'data-object-class', 'data-object-id'),
+		'p' => array('style', 'class'),
+		'blockquote' => array('style', 'class'),
 		'br' => array(),
 		'span' => array('style', 'class'),
-		'div' => array('style'),
-		'b' => array(),
-		'i' => array(),
-		'u' => array(),
-		'em' => array(),
-		'strong' => array(),
-		'img' => array('src', 'style', 'alt', 'title', 'width', 'height'),
-		'ul' => array('style'),
-		'ol' => array('reversed', 'start', 'style', 'type'),
-		'li' => array('style', 'value'),
-		'h1' => array('style'),
-		'h2' => array('style'),
-		'h3' => array('style'),
-		'h4' => array('style'),
-		'nav' => array('style'),
-		'section' => array('style'),
+		'div' => array('style', 'class'),
+		'b' => array('class'),
+		'i' => array('class'),
+		'u' => array('class'),
+		'em' => array('class'),
+		'strong' => array('class'),
+		'img' => array('src', 'style', 'class', 'alt', 'title', 'width', 'height'),
+		'ul' => array('style', 'class'),
+		'ol' => array('reversed', 'start', 'style', 'class', 'type'),
+		'li' => array('style', 'class', 'value'),
+		'h1' => array('style', 'class'),
+		'h2' => array('style', 'class'),
+		'h3' => array('style', 'class'),
+		'h4' => array('style', 'class'),
+		'nav' => array('style', 'class'),
+		'section' => array('style', 'class'),
 		'code' => array('style', 'class'),
-		'table' => array('style', 'width', 'summary', 'align', 'border', 'cellpadding', 'cellspacing'),
-		'thead' => array('style'),
-		'tbody' => array('style'),
-		'tr' => array('style', 'colspan', 'rowspan'),
-		'td' => array('style', 'colspan', 'rowspan'),
-		'th' => array('style', 'colspan', 'rowspan'),
-		'fieldset' => array('style'),
-		'legend' => array('style'),
-		'font' => array('face', 'color', 'style', 'size'),
+		'table' => array('style', 'class', 'width', 'summary', 'align', 'border', 'cellpadding', 'cellspacing'),
+		'thead' => array('style', 'class'),
+		'tbody' => array('style', 'class'),
+		'tr' => array('style', 'class', 'colspan', 'rowspan'),
+		'td' => array('style', 'class', 'colspan', 'rowspan'),
+		'th' => array('style', 'class', 'colspan', 'rowspan'),
+		'fieldset' => array('style', 'class'),
+		'legend' => array('style', 'class'),
+		'font' => array('face', 'color', 'style', 'class', 'size'),
 		'big' => array(),
 		'small' => array(),
 		'tt' => array(),
@@ -320,10 +320,10 @@ class HTMLDOMSanitizer extends DOMSanitizer
 		'ins' => array(),
 		'cite' => array(),
 		'q' => array(),
-		'hr' => array('style'),
-		'pre' => array(),
+		'hr' => array('style', 'class'),
+		'pre' => array('class'),
 		'center' => array(),
-		'figure' => array('class', 'style'), // Ckeditor 5 puts images in figures
+		'figure' => array('style', 'class'), // Ckeditor 5 puts images in figures
 		'figcaption' => array('class'),
 		'mark' => array('class')
 	);