From 32ee1a822645ea7cf746eccaab89d6b21c0cd2d9 Mon Sep 17 00:00:00 2001
From: jbostoen <6421683+jbostoen@users.noreply.github.com>
Date: Wed, 14 Dec 2022 15:46:59 +0100
Subject: [PATCH] =?UTF-8?q?N=C2=B05793=20-=20HTML=20Sanitizer:=20Allow=20'?=
 =?UTF-8?q?start'=20attribute=20in=20'ol'=20tag=20(#368)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* * Extended allowed attributes on ol, li (based on W3Schools)

* Change unit test case label

Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
---
 core/htmlsanitizer.class.inc.php             |  4 ++--
 test/core/sanitizer/HTMLDOMSanitizerTest.php | 10 ++++++++--
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/core/htmlsanitizer.class.inc.php b/core/htmlsanitizer.class.inc.php
index 8d8b14dbf..fbc94a4f6 100644
--- a/core/htmlsanitizer.class.inc.php
+++ b/core/htmlsanitizer.class.inc.php
@@ -286,8 +286,8 @@ class HTMLDOMSanitizer extends DOMSanitizer
 		'strong' => array(),
 		'img' => array('src', 'style', 'alt', 'title'),
 		'ul' => array('style'),
-		'ol' => array('style'),
-		'li' => array('style'),
+		'ol' => array('reversed', 'start', 'style', 'type'),
+		'li' => array('style', 'value'),
 		'h1' => array('style'),
 		'h2' => array('style'),
 		'h3' => array('style'),
diff --git a/test/core/sanitizer/HTMLDOMSanitizerTest.php b/test/core/sanitizer/HTMLDOMSanitizerTest.php
index 1f3233158..f1fbfc4fb 100644
--- a/test/core/sanitizer/HTMLDOMSanitizerTest.php
+++ b/test/core/sanitizer/HTMLDOMSanitizerTest.php
@@ -86,8 +86,8 @@ class HTMLDOMSanitizerTest extends AbstractDOMSanitizerTest
 			'strong' => array(),
 			'img' => array('src', 'style', 'alt', 'title'),
 			'ul' => array('style'),
-			'ol' => array('style'),
-			'li' => array('style'),
+			'ol' => array('reversed', 'start', 'style', 'type'),
+			'li' => array('style', 'value'),
 			'h1' => array('style'),
 			'h2' => array('style'),
 			'h3' => array('style'),
@@ -213,6 +213,12 @@ class HTMLDOMSanitizerTest extends AbstractDOMSanitizerTest
 				'html' => '<html><head></head><body lang="EN-GB" link="#0563C1" vlink="#954F72">bar</body></html>',
 				'expected' => 'bar',
 			),
+			
+			'ordered list with attributes' => array(
+				'html' => '<ol start="100" reversed="reversed" type="I" baz="1" biz="2"><li value="101" baz="1" biz="2">Some list item</li></ol>',
+				'expected' => '<ol start="100" reversed="reversed" type="I"><li value="101">Some list item</li></ol>',
+			),
+			
 		);
 	}