From f3a1686681f23bdc05aecc734eb204dd1f581c3b Mon Sep 17 00:00:00 2001 From: Siddhartha Mukherjee Date: Tue, 31 Mar 2015 12:00:22 +0530 Subject: [PATCH 1/2] Negative value sanitisation support for shorthand css properties --- lib/loofah/html5/scrub.rb | 2 +- test/html5/test_sanitizer.rb | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/loofah/html5/scrub.rb b/lib/loofah/html5/scrub.rb index d5cd2595..16c48acd 100644 --- a/lib/loofah/html5/scrub.rb +++ b/lib/loofah/html5/scrub.rb @@ -79,7 +79,7 @@ def scrub_css style elsif WhiteList::SHORTHAND_CSS_PROPERTIES.include?(prop.split('-')[0]) clean << "#{prop}: #{val};" unless val.split().any? do |keyword| !WhiteList::ALLOWED_CSS_KEYWORDS.include?(keyword) && - keyword !~ /\A(#[0-9a-f]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|\d{0,2}\.?\d{0,2}(cm|em|ex|in|mm|pc|pt|px|%|,|\))?)\z/ + keyword !~ /\A(#[0-9a-f]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|-?\d{0,2}\.?\d{0,2}(cm|em|ex|in|mm|pc|pt|px|%|,|\))?)\z/ end elsif WhiteList::ALLOWED_SVG_PROPERTIES.include?(prop) clean << "#{prop}: #{val};" diff --git a/test/html5/test_sanitizer.rb b/test/html5/test_sanitizer.rb index c6f490e9..ad45dffa 100755 --- a/test/html5/test_sanitizer.rb +++ b/test/html5/test_sanitizer.rb @@ -220,6 +220,12 @@ def test_css_negative_value_sanitization sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :escape).to_xml) assert_match %r/-0.03em/, sane.inner_html end + + def test_css_negative_value_sanitization_shorthand_css_properties + html = "" + sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :escape).to_xml) + assert_match %r/-0.05em/, sane.inner_html + end end # From 06341a55f59bec56a213d07ae987cf06945e6334 Mon Sep 17 00:00:00 2001 From: Siddhartha Mukherjee Date: Tue, 7 Apr 2015 16:27:31 +0530 Subject: [PATCH 2/2] Support for data attributes with dash --- lib/loofah/html5/scrub.rb | 2 +- test/html5/test_sanitizer.rb | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) 
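Review bot: The added `-?` in the shorthand-property regex inside scrub_css sits in front of `\d{0,2}\.?\d{0,2}`, which can match the empty string, so a bare `-` (or `-em`, `-,`) now satisfies the numeric alternative by itself rather than only a signed number. Tying the sign to a following digit keeps the intent of the commit without widening the accepted set further: replace `-?` with `(-(?=\d|\.\d))?`. If the non-shorthand branch of scrub_css that already lets `-0.03em` through (outside this hunk) carries the same numeric pattern, consider hoisting it into one named constant on WhiteList so the two cannot drift apart again. The new test further down only asserts that `-0.05em` survives; a companion assertion that a lone `-` is dropped would pin the boundary. scrub_css starts and ends outside this hunk.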
diff --git a/lib/loofah/html5/scrub.rb b/lib/loofah/html5/scrub.rb index 16c48acd..7c099c33 100644 --- a/lib/loofah/html5/scrub.rb +++ b/lib/loofah/html5/scrub.rb @@ -23,7 +23,7 @@ def scrub_attributes node attr_node.node_name end - if attr_name =~ /\Adata-\w+\z/ + if attr_name =~ /\Adata-\S+\z/ next end diff --git a/test/html5/test_sanitizer.rb b/test/html5/test_sanitizer.rb index ad45dffa..49beb1e7 100755 --- a/test/html5/test_sanitizer.rb +++ b/test/html5/test_sanitizer.rb @@ -97,6 +97,14 @@ def test_should_allow_data_attributes check_sanitization(input, htmloutput, output, output) end + def test_should_allow_data_attributes_with_dash + input = "
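Review bot: `\S+` in the data-attribute test inside scrub_attributes admits any run of non-whitespace characters after `data-`, not just dashed names, and an attribute name matching it bypasses the allow-list entirely through the `next` that follows. The commit title asks for dashes only, so the narrower `if attr_name =~ /\Adata-[\w-]+\z/` does the job while keeping the check an allow-list of known characters; which characters the HTML parser can actually deliver in an attribute name is not visible here, and the narrower class avoids depending on it. The new test in test_sanitizer.rb below only covers a single dashed name; an assertion that a `data-` name containing other punctuation is still dropped would pin that boundary. scrub_attributes starts and ends outside this hunk.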

123456

" + + output = "

123456

" + check_sanitization(input, output, output, output) + end + + ## ## libxml2 downcases attributes, so this is moot. ##