[ Closed ] Attribute 'background' disallowed in 'table' tag

The attribute 'background' is not a standard attribute (note that deprecated attributes are standard attributes), and thus gets removed. htmLawed's logic uses a white-list of standard (and a few very commonly used non-standard) attributes, and one won't find  mention of 'background', e.g., in the code. The documentation has a list of the accepted attributes.

Because of 'background' being non-standard, attribute transformation (to standard ones) does not help, and the information conveyed by 'background' does get lost during htmLawed filtering. I might add support for transforming 'background' (like for the non-standard 'bordercolor') if there is a popular need.

The 'hook_tag' functionality, which allows custom manipulation of opening tag content with the attributes, kicks in after htmLawed has transformed and filtered attributes. So that too won't help rescue 'background'.

The obvious option is to use the 'style' attribute instead of 'background' (e.g., see this article (http://www.netmechanic.com/news/vol3/html_no6.htm)).

If you do want to let htmLawed allow 'background' for table, you can try the following, untested, modification to htmLawed. It'd be helpful to note the changes so you can easily update htmLawed in the future.

1. Declare 'background' as a valid attribute for 'table', 'td' and 'th'. In code for function 'hl_tag', modify the value of $aN array; e.g., to

static $aN = array('background'=>array('table'=>1, 'td'=>1, 'th'=>1), 'abbr'=>array('td'=>1, 'th'=>1), ...

2. [optional] Declare 'background' as a 'deprecated' attribute so one might get it transformed. Modify $aND array in function 'hl_tag'.

if($C['no_deprecated_attr']){ 
 // dep attr:applicable ele 
 static $aND = array('background'=>array('table'=>1, 'td'=>1, 'th'=>1), 'align'=>array('caption'=>1, ...

3. [optional] If doing #2 above, edit function 'hl_tag' further down.

// depr attrs 
if($depTr){ 
 $c = array();
 ...
 }elseif($k == 'background'){ 
   unset($a['background']); $c[] = 'background-image: '. $v; 
 }elseif($k == 'bordercolor'){ 
   unset($a['bordercolor']); $c[] = 'border-color: '. $v; 
 }...

Because htmLawed's objective is so clear-cut and dictated by well-established standards, I've assumed that any PHP developer with a decent knowledge of the standard specs. would be able to modify it though most users would have no need for any modification.

I certainly agree that the little comments and the short variable names make it difficult to quickly grasp the code.

I expect most modifications would be made to cover more attributes and tags. This post provides some guidelines.

--

I'm curious about your need to allow 'background'. Is the input generated by some software that uses that non-standard attribute? Is the input 'legacy' code?

Is it that you don't want to permit 'style'? Note that it is possible to have htmLawed let in specific CSS properties only for specific elements.