From 6c37c4c6c8aa6d2099139f0f367807986240787f Mon Sep 17 00:00:00 2001
From: Sam Marshall
Date: Wed, 2 Dec 2009 17:59:43 +0000
Subject: [PATCH] MDL-2684: kses strips out CSS from style tags unless the first property is on 'allowed' list, this is silly
---
 lib/kses.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/lib/kses.php b/lib/kses.php
index 5824fa0062..8d87c23928 100644
--- a/lib/kses.php
+++ b/lib/kses.php
@@ -311,7 +311,12 @@ function kses_hair($attr, $allowed_protocols)
 if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) # "value" {
- $thisval = kses_bad_protocol($match[1], $allowed_protocols);
+ // MDL-2684 - kses stripping CSS styles that it thinks look like protocols
+ if ($attrname == 'style') {
+ $thisval = $match[1];
+ } else {
+ $thisval = kses_bad_protocol($match[1], $allowed_protocols);
+ }
 $attrarr[] = array ('name' => $attrname,
-- 
2.39.5
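Review bot: The new `if ($attrname == 'style')` branch stores `$match[1]` with no filtering at all, so a double-quoted style value now passes through kses without any check on the targets of its `url(...)` references or on script-capable CSS constructs; unless a later layer sanitises CSS (none is visible in this hunk), this widens what untrusted HTML can carry. Rather than exempting the whole value, consider applying `kses_bad_protocol()` only to the targets inside `url(...)` and rejecting values that contain constructs such as `expression(`, or at minimum record the dependency with `// style is NOT protocol-filtered here; CSS must be sanitised separately before output`. The comparison is also case-sensitive, so whether `STYLE="..."` takes the same path depends on `$attrname` being normalised earlier in `kses_hair`; `strtolower($attrname) === 'style'` would make that explicit. Only the double-quoted value branch is visible here; the single-quoted and unquoted branches of `kses_hair` lie outside the hunk and should treat `style` the same way so the filter's behaviour does not depend on quoting.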