From fe180b1a7ad478bf9906edf4fa88dd9511f4689c Mon Sep 17 00:00:00 2001
From: Janis Dzerve <25026860+janis-github@users.noreply.github.com>
Date: Thu, 5 Sep 2019 10:04:16 +0300
Subject: [PATCH 1/2] CssSchema: Allow negative token values for margin property
---
 src/main/java/org/owasp/html/CssSchema.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/main/java/org/owasp/html/CssSchema.java b/src/main/java/org/owasp/html/CssSchema.java
index 38e61326..6d88eb55 100644
--- a/src/main/java/org/owasp/html/CssSchema.java
+++ b/src/main/java/org/owasp/html/CssSchema.java
@@ -654,7 +654,7 @@ Property forKey(String propertyName) {
 Property listStyleType = new Property(
 0, union(listStyleLiterals0, listStyleLiterals2), zeroFns);
 builder.put("list-style-type", listStyleType);
- Property margin = new Property(1, bottomLiterals0, zeroFns);
+ Property margin = new Property(5, bottomLiterals0, zeroFns);
 builder.put("margin", margin);
 Property maxHeight = new Property(1, maxHeightLiterals0, zeroFns);
 builder.put("max-height", maxHeight);
From 5f1ee78756650997e76194b0a5fc640d4fb34e3e Mon Sep 17 00:00:00 2001
From: Janis Dzerve <25026860+janis-github@users.noreply.github.com>
Date: Thu, 5 Sep 2019 13:30:20 +0300
Subject: [PATCH 2/2] Fix value sign rules for positioning tokens
"top", "bottom", "left", "right" and "margin" are allowed to be negative.
"width" and "height" type properties should always be positive.
---
 src/main/java/org/owasp/html/CssSchema.java | 25 +++++++++----------
 .../java/org/owasp/html/AntiSamyTest.java | 2 +-
 2 files changed, 13 insertions(+), 14 deletions(-)
diff --git a/src/main/java/org/owasp/html/CssSchema.java b/src/main/java/org/owasp/html/CssSchema.java
index 6d88eb55..3efa10dc 100644
--- a/src/main/java/org/owasp/html/CssSchema.java
+++ b/src/main/java/org/owasp/html/CssSchema.java
@@ -633,7 +633,7 @@ Property forKey(String propertyName) {
 Property fontWeight = new Property(
 0, union(fontLiterals0, fontStyleLiterals0), zeroFns);
 builder.put("font-weight", fontWeight);
- Property height = new Property(5, bottomLiterals0, zeroFns);
+ Property height = new Property(1, bottomLiterals0, zeroFns);
 builder.put("height", height);
 Property letterSpacing = new Property(5, fontStyleLiterals0, zeroFns);
 builder.put("letter-spacing", letterSpacing);
@@ -654,8 +654,7 @@ Property forKey(String propertyName) {
 Property listStyleType = new Property(
 0, union(listStyleLiterals0, listStyleLiterals2), zeroFns);
 builder.put("list-style-type", listStyleType);
- Property margin = new Property(5, bottomLiterals0, zeroFns);
- builder.put("margin", margin);
+ builder.put("margin", bottom);
 Property maxHeight = new Property(1, maxHeightLiterals0, zeroFns);
 builder.put("max-height", maxHeight);
 Property opacity = new Property(1, mozOpacityLiterals0, zeroFns);
@@ -803,14 +802,14 @@ Property forKey(String propertyName) {
 builder.put("border-width", mozOutlineWidth);
 builder.put("cue-after", cue);
 builder.put("cue-before", cue);
- builder.put("left", height);
- builder.put("margin-bottom", margin);
- builder.put("margin-left", margin);
- builder.put("margin-right", margin);
- builder.put("margin-top", margin);
+ builder.put("left", bottom);
+ builder.put("margin-bottom", bottom);
+ builder.put("margin-left", bottom);
+ builder.put("margin-right", bottom);
+ builder.put("margin-top", bottom);
 builder.put("max-width", maxHeight);
- builder.put("min-height", margin);
- builder.put("min-width", margin);
+ builder.put("min-height", maxHeight);
+ builder.put("min-width", maxHeight);
 builder.put("outline", mozOutline);
 builder.put("outline-color", mozOutlineColor);
 builder.put("outline-style", mozOutlineStyle);
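Review bot: In the @@ -803 hunk, `min-height` and `min-width` are rebound to the `maxHeight` Property, which is declared for `max-height` over `maxHeightLiterals0`; if that literal set holds values that are only valid for `max-*` (for example `none`), `min-height: none` now passes the schema — a browser would drop it, but the set is not visible here and is worth confirming before the two sizing families share one Property. The aliasing introduced across this hunk and the @@ -826 hunk (`left`, `top`, `right`, `margin-*` to `bottom`; `width` to `height`) carries the sign rule only in the variable names, so a comment at the `bottom` and `height` declarations (outside these hunks), e.g. `// bottom: signed length grammar shared by offsets, margins and z-index; height: the non-negative variant shared by width and min/max sizes`, would make the intent auditable. The masks `5` and `1` in the @@ -633 hunk read more clearly as the schema's named bit constants, if it defines them, rather than as bare integers. Allowing negative offsets and margins lets sanitized content be shifted outside its containing box; whether that can be used to overlay host UI depends on whether `position` is whitelisted, which this diff does not show. forKey's body begins and ends outside these hunks.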
@@ -826,13 +825,13 @@ Property forKey(String propertyName) {
 builder.put("pause-before", borderSpacing);
 builder.put("pitch-range", borderSpacing);
 builder.put("richness", borderSpacing);
- builder.put("right", height);
+ builder.put("right", bottom);
 builder.put("stress", borderSpacing);
 builder.put("text-indent", borderSpacing);
 builder.put("text-overflow", oTextOverflow);
 builder.put("text-shadow", boxShadow);
- builder.put("top", height);
- builder.put("width", margin);
+ builder.put("top", bottom);
+ builder.put("width", height);
 builder.put("word-spacing", letterSpacing);
 builder.put("z-index", bottom);
 builder.put("rgba()", rgb$Fun);
diff --git a/src/test/java/org/owasp/html/AntiSamyTest.java b/src/test/java/org/owasp/html/AntiSamyTest.java
index 3a09d02e..0fbe5e9f 100644
--- a/src/test/java/org/owasp/html/AntiSamyTest.java
+++ b/src/test/java/org/owasp/html/AntiSamyTest.java
@@ -378,7 +378,7 @@ public static void testPreviousBugs() {
 /* issue #25 */
 assertEquals(
- "
Test
", sanitize("
Test
")); + "
Test
", sanitize("
Test
")); /* issue #28 */