From 45e5a24b63d394fa6472c595df448aecfd1e1ea5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Anne?= <cedric.anne@gmail.com>
Date: Fri, 27 Oct 2023 15:27:27 +0200
Subject: [PATCH] [HtmlSanitizer] Consider `width` attribute as safe

---
 Reference/W3CReference.php     | 2 +-
 Tests/HtmlSanitizerAllTest.php | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Reference/W3CReference.php b/Reference/W3CReference.php
index 8668bbf..e519f76 100644
--- a/Reference/W3CReference.php
+++ b/Reference/W3CReference.php
@@ -394,7 +394,7 @@ final class W3CReference
         'vlink' => false,
         'vspace' => true,
         'webkitdirectory' => true,
-        'width' => false,
+        'width' => true,
         'wrap' => true,
     ];
 }
diff --git a/Tests/HtmlSanitizerAllTest.php b/Tests/HtmlSanitizerAllTest.php
index bdb47d7..d6c830d 100644
--- a/Tests/HtmlSanitizerAllTest.php
+++ b/Tests/HtmlSanitizerAllTest.php
@@ -427,8 +427,8 @@ public static function provideSanitizeBody()
                 '<hr />',
             ],
             [
-                '<img src="/img/example.jpg" alt="Image alternative text" title="Image title">',
-                '<img src="/img/example.jpg" alt="Image alternative text" title="Image title" />',
+                '<img src="/img/example.jpg" alt="Image alternative text" title="Image title" height="150" width="300">',
+                '<img src="/img/example.jpg" alt="Image alternative text" title="Image title" height="150" width="300" />',
             ],
             [
                 '<img src="http://trusted.com/img/example.jpg" alt="Image alternative text" title="Image title" />',