Sanitize canvas style property values rather than requiring exact match.

Possibly due to recent changes in the CSS sanitizer, 2D canvas would
not accept rgb() and rgba() colors:
<https://code.google.com/p/google-caja/issues/detail?id=1837>

Now, instead of sanitizing the property and requiring the result to be
identical to the input, we just sanitize the property. If there was a
rationale for doing it the former way, I've forgotten it.

@r5547

[kpreid2, 2013-08-09 19:48:17]

Mike, I'm asking you to review this change because it is mainly about
interacting with the CSS sanitizer. I'd like your input on whether it's now
doing the right thing(s) and using the API correctly.

[MikeSamuel, 2013-08-09 20:10:52]

lgtm

https://codereview.appspot.com/12699046/diff/1/src/com/google/caja/plugin/dom...
File src/com/google/caja/plugin/domado.js (right):

https://codereview.appspot.com/12699046/diff/1/src/com/google/caja/plugin/dom...
src/com/google/caja/plugin/domado.js:4679: sanitizeCssProperty(cssPropertyName,
tokens);
This looks fine.  No need for URL rewriting stuff.

https://codereview.appspot.com/12699046/diff/1/src/com/google/caja/plugin/dom...
src/com/google/caja/plugin/domado.js:4683: return sanitizeCssValue('font',
value);
Cool.

https://codereview.appspot.com/12699046/diff/1/src/com/google/caja/plugin/dom...
src/com/google/caja/plugin/domado.js:4691: if (/\binherit\b/.test(style)) {
return ''; }
I believe the way we sanitize functions, tokens.length should be 1 because a
color is either a hash token, or an rgb function call or a call to rgba, so you
could filter too if you passed a predicate that examined the token list to
sanitizeCssValue.

[kpreid2, 2013-08-09 20:16:28]

https://codereview.appspot.com/12699046/diff/1/src/com/google/caja/plugin/dom...
File src/com/google/caja/plugin/domado.js (right):

https://codereview.appspot.com/12699046/diff/1/src/com/google/caja/plugin/dom...
src/com/google/caja/plugin/domado.js:4691: if (/\binherit\b/.test(style)) {
return ''; }
On 2013/08/09 20:10:52, MikeSamuel wrote:
> I believe the way we sanitize functions, tokens.length should be 1 because a
> color is either a hash token, or an rgb function call or a call to rgba, so
> you could filter too if you passed a predicate that examined the token
> list to sanitizeCssValue.

From your description, that sounds more tightly coupled. Is there a particular
reason to do it that way?

[MikeSamuel, 2013-08-09 20:18:23]

On 2013/08/09 20:16:28, kpreid2 wrote:
>
https://codereview.appspot.com/12699046/diff/1/src/com/google/caja/plugin/dom...
> File src/com/google/caja/plugin/domado.js (right):
> 
>
https://codereview.appspot.com/12699046/diff/1/src/com/google/caja/plugin/dom...
> src/com/google/caja/plugin/domado.js:4691: if (/\binherit\b/.test(style)) {
> return ''; }
> On 2013/08/09 20:10:52, MikeSamuel wrote:
> > I believe the way we sanitize functions, tokens.length should be 1 because a
> > color is either a hash token, or an rgb function call or a call to rgba, so
> > you could filter too if you passed a predicate that examined the token
> > list to sanitizeCssValue.
> 
> From your description, that sounds more tightly coupled. Is there a particular
> reason to do it that way?

Probably not.  Please ignore.