diff --git a/src/main/java/org/owasp/html/HtmlPolicyBuilder.java b/src/main/java/org/owasp/html/HtmlPolicyBuilder.java
index aa1b51a5..c43bfb86 100644
--- a/src/main/java/org/owasp/html/HtmlPolicyBuilder.java
+++ b/src/main/java/org/owasp/html/HtmlPolicyBuilder.java
@@ -968,8 +968,12 @@ public AttributeBuilder matching(
 */
 @SuppressWarnings("synthetic-access")
 public HtmlPolicyBuilder globally() {
- return HtmlPolicyBuilder.this.allowAttributesGlobally(
- policy, attributeNames);
+ if(attributeNames.get(0).equals("style")) {
+ return allowStyling();
+ } else {
+ return HtmlPolicyBuilder.this.allowAttributesGlobally(
+ policy, attributeNames);
+ }
 }
 
 /**
@@ -1142,4 +1146,4 @@ final class AttributeGuardIntermediates {
 this.styleUrlPolicy = styleUrlPolicy;
 this.cssSchema = cssSchema;
 }
-}
\ No newline at end of file
+}
diff --git a/src/test/java/org/owasp/html/SanitizersTest.java b/src/test/java/org/owasp/html/SanitizersTest.java
index 5841adad..c75fbcb4 100644
--- a/src/test/java/org/owasp/html/SanitizersTest.java
+++ b/src/test/java/org/owasp/html/SanitizersTest.java
@@ -434,6 +434,17 @@ public static final void testStyleTagInTable() {
 pf.sanitize(input));
 }
 
+ @Test
+ public static final void testStyleGlobally() {
+ PolicyFactory policyBuilder = new HtmlPolicyBuilder()
+ .allowAttributes("style").globally()
+ .allowElements("a", "label", "h1", "h2", "h3", "h4", "h5", "h6")
+ .toFactory();
+ String input = "
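Review bot: The new guard in `globally()` looks only at `attributeNames.get(0)`, so a policy built with `allowAttributes("class", "style").globally()` still reaches `allowAttributesGlobally` and `style` is permitted without going through `allowStyling()`. When `style` is first in a longer list, the branch returns before `policy` and the remaining names are used, so both are silently dropped. I would test for `style` anywhere in the list, route it through `allowStyling()`, and pass the remaining names on with the caller's policy, as sketched below. The sketch assumes `attributeNames` is a `List<String>` of already-canonicalised lower-case names and that `java.util.List`/`ArrayList` are in scope, none of which the hunk shows; it also still ignores a `matching(...)` policy for `style` itself, which deserves a Javadoc sentence on `globally()`.

```java
public HtmlPolicyBuilder globally() {
  if (!attributeNames.contains("style")) {
    return HtmlPolicyBuilder.this.allowAttributesGlobally(
        policy, attributeNames);
  }
  // style goes through the CSS-aware path; the other names keep the caller's policy.
  allowStyling();
  List<String> others = new ArrayList<String>();
  for (String name : attributeNames) {
    if (!"style".equals(name)) {
      others.add(name);
    }
  }
  return others.isEmpty()
      ? HtmlPolicyBuilder.this
      : HtmlPolicyBuilder.this.allowAttributesGlobally(policy, others);
}
```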

This is some green text

";
+ String want = "

This is some green text

";
+ assertEquals(want, policyBuilder.sanitize(input));
+ }
+
 static int fac(int n) {
 int ifac = 1;
 for (int i = 1; i <= n; ++i) {
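Review bot: testStyleGlobally only exercises the case where `style` is the sole name passed to `allowAttributes`, which is the one case the `get(0)` check in `globally()` handles. A second policy built with `.allowAttributes("class", "style").globally()` would show whether `style` values are still CSS-filtered when `style` is not first, and the reverse order would show whether `class` survives. The `input` and `want` literals are not legible in this view, so I cannot tell whether the test feeds a declaration the CSS schema should strip; if it does not, one such case would pin the sanitizing behaviour rather than plain pass-through.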