Merge "Support WAI-ARIA's role="presentation" inside of WikiText."

2013-02-15 16:56:00 +00:00 · 2013-02-15 16:56:00 +00:00 · aeae4fedda
commit aeae4fedda
parent 0b442a82e8 ea1a1cd5db
3 changed files with 47 additions and 1 deletions
--- a/RELEASE-NOTES-1.21
+++ b/RELEASE-NOTES-1.21
@ -96,6 +96,9 @@ production.
 * (bug 43915) New maintenance script deleteEqualMessages.php.
 * New collation uppercase-sv, which is like uppercase, but adapted
  to Swedish sort order.
+* WikiText now permits the use of WAI-ARIA's role="presentation" inside of
+  html elements and tables. This allows presentational markup, especially
+  tables. To be marked up as such.

 === Bug fixes in 1.21 ===
 * (bug 40353) SpecialDoubleRedirect should support interwiki redirects.
--- a/includes/Sanitizer.php
+++ b/includes/Sanitizer.php
@ -736,6 +736,16 @@ class Sanitizer {
 				$value = Sanitizer::escapeId( $value, 'noninitial' );
 			}

+			# WAI-ARIA
+			# http://www.w3.org/TR/wai-aria/
+			# http://www.whatwg.org/specs/web-apps/current-work/multipage/elements.html#wai-aria
+			# For now we only support role="presentation" until we work out what roles should be
+			# usable by content and we ensure that our code explicitly rejects patterns that
+			# violate HTML5's ARIA restrictions.
+			if ( $attribute === 'role' && $value !== 'presentation' ) {
+				continue;
+			}
+
 			//RDFa and microdata properties allow URLs, URIs and/or CURIs. check them for sanity
 			if ( $attribute === 'rel' || $attribute === 'rev' ||
 				$attribute === 'about' || $attribute === 'property' || $attribute === 'resource' || #RDFa
@ -1416,7 +1426,18 @@ class Sanitizer {
 			return $whitelist;
 		}

-		$common = array( 'id', 'class', 'lang', 'dir', 'title', 'style' );
+		$common = array(
+			# HTML
+			'id',
+			'class',
+			'style',
+			'lang',
+			'dir',
+			'title',
+
+			# WAI-ARIA
+			'role',
+		);

 		if ( $wgAllowRdfaAttributes ) {
 			#RDFa attributes as specified in section 9 of http://www.w3.org/TR/2008/REC-rdfa-syntax-20081014
--- a/tests/phpunit/includes/SanitizerTest.php
+++ b/tests/phpunit/includes/SanitizerTest.php
@ -225,4 +225,26 @@ class SanitizerTest extends MediaWikiTestCase {
 			array( '/* insecure input */', 'background-image: -moz-image-set("asdf.png" 1x, "asdf.png" 2x);' ),
 		);
 	}
+
+	/**
+	 * Test for support or lack of support for specific attributes in the attribute whitelist.
+	 */
+	function provideAttributeSupport() {
+		/** array( <attributes>, <expected>, <message> ) */
+		return array(
+			array( 'div', ' role="presentation"', ' role="presentation"', 'Support for WAI-ARIA\'s role="presentation".' ),
+			array( 'div', ' role="main"', '', "Other WAI-ARIA roles are currently not supported." ),
+		);
+	}
+
+	/**
+	 * @dataProvider provideAttributeSupport
+	 */
+	function testAttributeSupport( $tag, $attributes, $expected, $message ) {
+		$this->assertEquals( $expected,
+			Sanitizer::fixTagAttributes( $attributes, $tag ),
+			$message
+		);
+	}
+
 }