Merge pull request #649 from SVG-Edit/review-sanitize

Review sanitize

cypress/integration/unit/coords.js

@@ -1,4 +1,4 @@
-import { NS } from '../../../instrumented/common/namespaces.js';
+import { NS } from '../../../instrumented/svgcanvas/namespaces.js';
 import * as utilities from '../../../instrumented/svgcanvas/utilities.js';
 import * as coords from '../../../instrumented/svgcanvas/coords.js';
 

cypress/integration/unit/draw.js

@@ -1,5 +1,5 @@
 import 'pathseg';
-import { NS } from '../../../instrumented/common/namespaces.js';
+import { NS } from '../../../instrumented/svgcanvas/namespaces.js';
 import * as draw from '../../../instrumented/svgcanvas/draw.js';
 import * as units from '../../../instrumented/common/units.js';
 

cypress/integration/unit/history.js

@@ -1,4 +1,4 @@
-import { NS } from '../../../instrumented/common/namespaces.js';
+import { NS } from '../../../instrumented/svgcanvas/namespaces.js';
 import * as utilities from '../../../instrumented/svgcanvas/utilities.js';
 import * as hstory from '../../../instrumented/svgcanvas/history.js';
 

cypress/integration/unit/math.js

@@ -1,4 +1,4 @@
-import { NS } from '../../../instrumented/common/namespaces.js';
+import { NS } from '../../../instrumented/svgcanvas/namespaces.js';
 import * as math from '../../../instrumented/svgcanvas/math.js';
 
 describe('math', function () {

cypress/integration/unit/path.js

@@ -1,6 +1,6 @@
 /* globals SVGPathSeg */
 import 'pathseg';
-import { NS } from '../../../instrumented/common/namespaces.js';
+import { NS } from '../../../instrumented/svgcanvas/namespaces.js';
 import * as utilities from '../../../instrumented/svgcanvas/utilities.js';
 import * as pathModule from '../../../instrumented/svgcanvas/path.js';
 import { Path, Segment } from '../../../instrumented/svgcanvas/path-method.js';

cypress/integration/unit/recalculate.js

@@ -1,4 +1,4 @@
-import { NS } from '../../../instrumented/common/namespaces.js';
+import { NS } from '../../../instrumented/svgcanvas/namespaces.js';
 import * as utilities from '../../../instrumented/svgcanvas/utilities.js';
 import * as coords from '../../../instrumented/svgcanvas/coords.js';
 import * as recalculate from '../../../instrumented/svgcanvas/recalculate.js';

cypress/integration/unit/sanitize.js

@@ -1,4 +1,4 @@
-import { NS } from '../../../instrumented/common/namespaces.js';
+import { NS } from '../../../instrumented/svgcanvas/namespaces.js';
 import * as sanitize from '../../../instrumented/svgcanvas/sanitize.js';
 
 describe('sanitize', function () {

cypress/integration/unit/select.js

@@ -1,5 +1,5 @@
 import * as select from '../../../instrumented/svgcanvas/select.js';
-import { NS } from '../../../instrumented/common/namespaces.js';
+import { NS } from '../../../instrumented/svgcanvas/namespaces.js';
 
 describe('select', function () {
   const sandbox = document.createElement('div');

cypress/integration/unit/utilities-bbox.js

@@ -1,7 +1,7 @@
 /* eslint-disable max-len */
 import 'pathseg';
 
-import { NS } from '../../../instrumented/common/namespaces.js';
+import { NS } from '../../../instrumented/svgcanvas/namespaces.js';
 import * as utilities from '../../../instrumented/svgcanvas/utilities.js';
 import * as math from '../../../instrumented/svgcanvas/math.js';
 import * as path from '../../../instrumented/svgcanvas/path.js';

cypress/integration/unit/utilities-performance.js

@@ -1,7 +1,7 @@
 /* eslint-disable max-len, no-console */
 import 'pathseg';
 
-import { NS } from '../../../instrumented/common/namespaces.js';
+import { NS } from '../../../instrumented/svgcanvas/namespaces.js';
 import * as utilities from '../../../instrumented/svgcanvas/utilities.js';
 import * as math from '../../../instrumented/svgcanvas/math.js';
 

cypress/integration/unit/utilities.js

@@ -1,6 +1,6 @@
 /* eslint-disable max-len */
 import * as utilities from '../../../instrumented/svgcanvas/utilities.js';
-import { NS } from '../../../instrumented/common/namespaces.js';
+import { NS } from '../../../instrumented/svgcanvas/namespaces.js';
 
 describe('utilities', function () {
   /**

package.json

@@ -77,40 +77,40 @@
   ],
   "dependencies": {
     "@babel/polyfill": "7.12.1",
-    "browser-fs-access": "^0.20.4",
-    "canvg": "3.0.7",
-    "core-js": "3.16.3",
+    "browser-fs-access": "^0.20.5",
+    "canvg": "3.0.8",
+    "core-js": "3.18.0",
     "elix": "15.0.0",
     "html2canvas": "1.3.2",
-    "i18next": "20.4.0",
-    "jspdf": "2.3.1",
+    "i18next": "21.0.2",
+    "jspdf": "2.4.0",
     "pathseg": "1.2.1",
     "regenerator-runtime": "0.13.9",
     "rollup-plugin-polyfill-node": "0.7.0",
-    "svg2pdf.js": "2.1.0"
+    "svg2pdf.js": "2.2.0"
   },
   "devDependencies": {
-    "@babel/core": "7.15.0",
-    "@babel/preset-env": "7.15.0",
+    "@babel/core": "7.15.5",
+    "@babel/preset-env": "7.15.6",
     "@babel/register": "7.15.3",
-    "@babel/runtime-corejs3": "7.15.3",
-    "@cypress/code-coverage": "3.9.10",
+    "@babel/runtime-corejs3": "7.15.4",
+    "@cypress/code-coverage": "3.9.11",
     "@cypress/fiddle": "1.19.2",
     "@fintechstudios/eslint-plugin-chai-as-promised": "3.1.0",
     "@rollup/plugin-babel": "5.3.0",
     "@rollup/plugin-commonjs": "18.0.0",
     "@rollup/plugin-dynamic-import-vars": "1.4.0",
-    "@rollup/plugin-node-resolve": "13.0.4",
+    "@rollup/plugin-node-resolve": "13.0.5",
     "@rollup/plugin-replace": "3.0.0",
     "@rollup/plugin-url": "6.1.0",
-    "@web/dev-server": "0.1.22",
+    "@web/dev-server": "0.1.23",
     "@web/dev-server-rollup": "0.3.9",
     "axe-core": "4.3.3",
     "babel-plugin-transform-object-rest-spread": "7.0.0-beta.3",
     "copyfiles": "2.4.1",
-    "core-js-bundle": "3.16.3",
+    "core-js-bundle": "3.18.0",
     "cp-cli": "2.0.0",
-    "cypress": "8.3.1",
+    "cypress": "8.4.1",
     "cypress-axe": "0.13.0",
     "cypress-multi-reporters": "1.5.0",
     "cypress-plugin-snapshots": "1.4.4",
@@ -121,12 +121,12 @@
     "eslint-plugin-chai-expect-keywords": "2.1.0",
     "eslint-plugin-chai-friendly": "0.7.2",
     "eslint-plugin-compat": "3.13.0",
-    "eslint-plugin-cypress": "2.11.3",
+    "eslint-plugin-cypress": "2.12.1",
     "eslint-plugin-eslint-comments": "3.2.0",
-    "eslint-plugin-html": "6.1.2",
+    "eslint-plugin-html": "6.2.0",
     "eslint-plugin-import": "2.24.2",
-    "eslint-plugin-jsdoc": "36.0.8",
-    "eslint-plugin-markdown": "2.2.0",
+    "eslint-plugin-jsdoc": "36.1.0",
+    "eslint-plugin-markdown": "2.2.1",
     "eslint-plugin-no-unsanitized": "3.1.5",
     "eslint-plugin-no-use-extend-native": "0.5.0",
     "eslint-plugin-node": "11.1.0",
@@ -137,20 +137,20 @@
     "node-static": "0.7.11",
     "npm-run-all": "4.1.5",
     "nyc": "15.1.0",
-    "open-cli": "7.0.0",
+    "open-cli": "7.0.1",
     "promise-fs": "2.1.1",
     "qr-manipulation": "0.7.0",
     "query-result": "1.0.5",
     "remark-cli": "10.0.0",
-    "remark-lint-ordered-list-marker-value": "3.0.1",
+    "remark-lint-ordered-list-marker-value": "3.1.0",
     "rimraf": "3.0.2",
-    "rollup": "2.56.3",
+    "rollup": "2.57.0",
     "rollup-plugin-copy": "3.4.0",
     "rollup-plugin-filesize": "9.1.1",
     "rollup-plugin-node-polyfills": "0.2.1",
     "rollup-plugin-progress": "1.1.2",
     "rollup-plugin-re": "1.0.7",
     "rollup-plugin-terser": "7.0.2",
-    "start-server-and-test": "1.13.1"
+    "start-server-and-test": "1.14.0"
   }
 }

src/common/browser.js

@@ -6,7 +6,7 @@
  * @copyright 2010 Jeff Schiller, 2010 Alexis Deveria
  */
 
-import { NS } from './namespaces.js';
+const NSSVG = 'http://www.w3.org/2000/svg';
 
 const { userAgent } = navigator;
 
@@ -19,12 +19,12 @@ const isTouch_ = 'ontouchstart' in window;
 
 // text character positioning (for IE9 and now Chrome)
 const supportsGoodTextCharPos_ = (function () {
-  const svgroot = document.createElementNS(NS.SVG, 'svg');
-  const svgcontent = document.createElementNS(NS.SVG, 'svg');
+  const svgroot = document.createElementNS(NSSVG, 'svg');
+  const svgcontent = document.createElementNS(NSSVG, 'svg');
   document.documentElement.append(svgroot);
   svgcontent.setAttribute('x', 5);
   svgroot.append(svgcontent);
-  const text = document.createElementNS(NS.SVG, 'text');
+  const text = document.createElementNS(NSSVG, 'text');
   text.textContent = 'a';
   svgcontent.append(text);
   try { // Chrome now fails here
@@ -39,13 +39,13 @@ const supportsGoodTextCharPos_ = (function () {
 
 // Support for correct bbox sizing on groups with horizontal/vertical lines
 const supportsHVLineContainerBBox_ = (function () {
-  const svgcontent = document.createElementNS(NS.SVG, 'svg');
+  const svgcontent = document.createElementNS(NSSVG, 'svg');
   document.documentElement.append(svgcontent);
-  const path = document.createElementNS(NS.SVG, 'path');
+  const path = document.createElementNS(NSSVG, 'path');
   path.setAttribute('d', 'M0,0 10,0');
-  const path2 = document.createElementNS(NS.SVG, 'path');
+  const path2 = document.createElementNS(NSSVG, 'path');
   path2.setAttribute('d', 'M5,0 15,0');
-  const g = document.createElementNS(NS.SVG, 'g');
+  const g = document.createElementNS(NSSVG, 'g');
   g.append(path, path2);
   svgcontent.append(g);
   const bbox = g.getBBox();
@@ -55,7 +55,7 @@ const supportsHVLineContainerBBox_ = (function () {
 }());
 
 const supportsNonScalingStroke_ = (function () {
-  const rect = document.createElementNS(NS.SVG, 'rect');
+  const rect = document.createElementNS(NSSVG, 'rect');
   rect.setAttribute('style', 'vector-effect:non-scaling-stroke');
   return rect.style.vectorEffect === 'non-scaling-stroke';
 }());

src/common/units.js

@@ -6,7 +6,7 @@
  * @copyright 2010 Alexis Deveria, 2010 Jeff Schiller
  */
 
-import { NS } from './namespaces.js';
+const NSSVG = 'http://www.w3.org/2000/svg';
 
 const wAttrs = [ 'x', 'x1', 'cx', 'rx', 'width' ];
 const hAttrs = [ 'y', 'y1', 'cy', 'ry', 'height' ];
@@ -79,9 +79,9 @@ export const init = function (elementContainer) {
   elementContainer_ = elementContainer;
 
   // Get correct em/ex values by creating a temporary SVG.
-  const svg = document.createElementNS(NS.SVG, 'svg');
+  const svg = document.createElementNS(NSSVG, 'svg');
   document.body.append(svg);
-  const rect = document.createElementNS(NS.SVG, 'rect');
+  const rect = document.createElementNS(NSSVG, 'rect');
   rect.setAttribute('width', '1em');
   rect.setAttribute('height', '1ex');
   rect.setAttribute('x', '1in');

src/svgcanvas/clear.js

@@ -4,7 +4,7 @@
  * @license MIT
  * @copyright 2011 Jeff Schiller
  */
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 
 let clearContext_ = null;
 

src/svgcanvas/draw.js

@@ -8,7 +8,7 @@
 import Layer from './layer.js';
 import HistoryRecordingService from './historyrecording.js';
 
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 import {
   toXml, getElem
 } from './utilities.js';

src/svgcanvas/elem-get-set.js

@@ -6,7 +6,7 @@
 
 import { jGraduate } from '../editor/components/jgraduate/jQuery.jGraduate.js';
 import * as hstry from './history.js';
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 import {
   getVisibleElements, getStrokedBBoxDefaultVisible, findDefs,
   walkTree, isNullish, getHref, setHref, getElem

src/svgcanvas/json.js

@@ -6,7 +6,7 @@
  * @copyright 2010 Alexis Deveria, 2010 Jeff Schiller
  */
 import { getElem, assignAttributes, cleanupElement } from './utilities.js';
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 
 let jsonContext_ = null;
 let svgdoc_ = null;

src/svgcanvas/layer.js

@@ -6,7 +6,7 @@
  * @copyright 2011 Jeff Schiller, 2016 Flint O'Brien
  */
 
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 import { toXml, walkTree, isNullish } from './utilities.js';
 
 

src/svgcanvas/math.js

@@ -19,7 +19,7 @@
 * @property {Float} y
 */
 
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 
 // Constants
 const NEAR_ZERO = 1e-14;

src/svgcanvas/path-actions.js

@@ -6,7 +6,7 @@
  * @copyright 2011 Alexis Deveria, 2011 Jeff Schiller
  */
 
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 import { shortFloat } from '../common/units.js';
 import { ChangeElementCommand, BatchCommand } from './history.js';
 import {

src/svgcanvas/path-method.js

@@ -6,7 +6,7 @@
  * @copyright 2011 Alexis Deveria, 2011 Jeff Schiller
  */
 
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 import { ChangeElementCommand } from './history.js';
 import {
   transformPoint, getMatrix

src/svgcanvas/recalculate.js

@@ -4,7 +4,7 @@
  * @license MIT
  */
 
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 import { convertToNum } from '../common/units.js';
 import { isWebkit } from '../common/browser.js';
 import { getRotationAngle, getHref, getBBox, getRefElem, isNullish } from './utilities.js';

src/svgcanvas/sanitize.js

@@ -6,8 +6,7 @@
  * @copyright 2010 Alexis Deveria, 2010 Jeff Schiller
  */
 
-import { getReverseNS, NS } from '../common/namespaces.js';
-import { isGecko } from '../common/browser.js';
+import { getReverseNS, NS } from './namespaces.js';
 import { getHref, setHref, getUrlFromAttr } from './utilities.js';
 
 const REVERSE_NS = getReverseNS();
@@ -19,16 +18,15 @@ const REVERSE_NS = getReverseNS();
  * @type {PlainObject}
  */
 /* eslint-disable max-len */
-const svgGenericWhiteList = [ 'class', 'id', 'display', 'transform' ];
+const svgGenericWhiteList = [ 'class', 'id', 'display', 'transform', 'style' ];
 const svgWhiteList_ = {
   // SVG Elements
-  a: [ 'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'mask', 'opacity', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'xlink:href', 'xlink:title' ],
-  circle: [ 'clip-path', 'clip-rule', 'cx', 'cy', 'enable-background', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'mask', 'opacity', 'r', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage' ],
-  clipPath: [ 'clipPathUnits', 'id' ],
+  a: [ 'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'mask', 'opacity', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'systemLanguage', 'xlink:href', 'xlink:title' ],
+  circle: [ 'clip-path', 'clip-rule', 'cx', 'cy', 'enable-background', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'mask', 'opacity', 'r', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'systemLanguage' ],
+  clipPath: [ 'clipPathUnits' ],
   defs: [],
-  style: [ 'type' ],
   desc: [],
-  ellipse: [ 'clip-path', 'clip-rule', 'cx', 'cy', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'mask', 'opacity', 'requiredFeatures', 'rx', 'ry', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage' ],
+  ellipse: [ 'clip-path', 'clip-rule', 'cx', 'cy', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'mask', 'opacity', 'requiredFeatures', 'rx', 'ry', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'systemLanguage' ],
   feBlend: [ 'in', 'in2' ],
   feColorMatrix: [ 'in', 'type', 'value', 'result', 'values' ],
   feComposite: [ 'in', 'operator', 'result', 'in2' ],
@@ -38,30 +36,31 @@ const svgWhiteList_ = {
   feMergeNode: [ 'in' ],
   feMorphology: [ 'in', 'operator', 'radius' ],
   feOffset: [ 'dx', 'in', 'dy', 'result' ],
-  filter: [ 'color-interpolation-filters', 'filterRes', 'filterUnits', 'height',  'primitiveUnits', 'requiredFeatures', 'style', 'width', 'x', 'xlink:href', 'y' ],
-  foreignObject: [  'font-size', 'height',  'opacity', 'requiredFeatures', 'style', 'width', 'x', 'y' ],
-  g: [ 'clip-path', 'clip-rule',   'fill', 'fill-opacity', 'fill-rule', 'filter', 'mask', 'opacity', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'font-family', 'font-size', 'font-style', 'font-weight', 'text-anchor' ],
-  image: [  'clip-path', 'clip-rule', 'filter', 'height',  'mask', 'opacity', 'requiredFeatures', 'style', 'systemLanguage', 'width', 'x', 'xlink:href', 'xlink:title', 'y' ],
-  line: [  'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter',  'marker-end', 'marker-mid', 'marker-start', 'mask', 'opacity', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'x1', 'x2', 'y1', 'y2' ],
+  filter: [ 'color-interpolation-filters', 'filterRes', 'filterUnits', 'height',  'primitiveUnits', 'requiredFeatures', 'width', 'x', 'xlink:href', 'y' ],
+  foreignObject: [  'font-size', 'height',  'opacity', 'requiredFeatures', 'width', 'x', 'y' ],
+  g: [ 'clip-path', 'clip-rule',   'fill', 'fill-opacity', 'fill-rule', 'filter', 'mask', 'opacity', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'systemLanguage', 'font-family', 'font-size', 'font-style', 'font-weight', 'text-anchor' ],
+  image: [  'clip-path', 'clip-rule', 'filter', 'height',  'mask', 'opacity', 'requiredFeatures', 'systemLanguage', 'width', 'x', 'xlink:href', 'xlink:title', 'y' ],
+  line: [  'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter',  'marker-end', 'marker-mid', 'marker-start', 'mask', 'opacity', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'systemLanguage', 'x1', 'x2', 'y1', 'y2' ],
   linearGradient: [   'gradientTransform', 'gradientUnits', 'requiredFeatures', 'spreadMethod', 'systemLanguage', 'x1', 'x2', 'xlink:href', 'y1', 'y2' ],
   marker: [   'markerHeight', 'markerUnits', 'markerWidth', 'orient', 'preserveAspectRatio', 'refX', 'refY', 'systemLanguage', 'viewBox' ],
   mask: [  'height',  'maskContentUnits', 'maskUnits', 'width', 'x', 'y' ],
-  metadata: [  'id' ],
-  path: [  'clip-path', 'clip-rule', 'd', 'enable-background', 'fill', 'fill-opacity', 'fill-rule', 'filter',  'marker-end', 'marker-mid', 'marker-start', 'mask', 'opacity', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage' ],
-  pattern: [  'height',  'patternContentUnits', 'patternTransform', 'patternUnits', 'requiredFeatures', 'style', 'systemLanguage', 'viewBox', 'width', 'x', 'xlink:href', 'y' ],
-  polygon: [  'clip-path', 'clip-rule',  'fill', 'fill-opacity', 'fill-rule', 'filter',   'marker-end', 'marker-mid', 'marker-start', 'mask', 'opacity', 'points', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'sides', 'shape', 'edge', 'point', 'starRadiusMultiplier', 'r', 'radialshift' ],
-  polyline: [  'clip-path', 'clip-rule',  'fill', 'fill-opacity', 'fill-rule', 'filter', 'marker-end', 'marker-mid', 'marker-start', 'mask', 'opacity', 'points', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'se:connector' ],
+  metadata: [ ],
+  path: [  'clip-path', 'clip-rule', 'd', 'enable-background', 'fill', 'fill-opacity', 'fill-rule', 'filter',  'marker-end', 'marker-mid', 'marker-start', 'mask', 'opacity', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'systemLanguage' ],
+  pattern: [  'height',  'patternContentUnits', 'patternTransform', 'patternUnits', 'requiredFeatures', 'systemLanguage', 'viewBox', 'width', 'x', 'xlink:href', 'y' ],
+  polygon: [  'clip-path', 'clip-rule',  'fill', 'fill-opacity', 'fill-rule', 'filter',   'marker-end', 'marker-mid', 'marker-start', 'mask', 'opacity', 'points', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'systemLanguage', 'sides', 'shape', 'edge', 'point', 'starRadiusMultiplier', 'r', 'radialshift' ],
+  polyline: [  'clip-path', 'clip-rule',  'fill', 'fill-opacity', 'fill-rule', 'filter', 'marker-end', 'marker-mid', 'marker-start', 'mask', 'opacity', 'points', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'systemLanguage', 'se:connector' ],
   radialGradient: [  'cx', 'cy', 'fx', 'fy', 'gradientTransform', 'gradientUnits',  'r', 'requiredFeatures', 'spreadMethod', 'systemLanguage', 'xlink:href' ],
-  rect: [  'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'height',  'mask', 'opacity', 'requiredFeatures', 'rx', 'ry', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'width', 'x', 'y' ],
-  stop: [   'offset', 'requiredFeatures', 'stop-opacity', 'style', 'systemLanguage', 'stop-color', 'gradientUnits', 'gradientTransform' ],
-  svg: [  'clip-path', 'clip-rule', 'enable-background', 'filter',  'height', 'mask', 'preserveAspectRatio', 'requiredFeatures', 'style', 'systemLanguage', 'version', 'viewBox', 'width', 'x', 'xmlns', 'xmlns:se', 'xmlns:xlink', 'xmlns:oi', 'oi:animations', 'y', 'stroke-linejoin', 'fill-rule', 'aria-label', 'stroke-width', 'fill-rule', 'xml:space' ],
+  rect: [  'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'height',  'mask', 'opacity', 'requiredFeatures', 'rx', 'ry', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'systemLanguage', 'width', 'x', 'y' ],
+  stop: [   'offset', 'requiredFeatures', 'stop-opacity', 'systemLanguage', 'stop-color', 'gradientUnits', 'gradientTransform' ],
+  style: [ 'type' ],
+  svg: [  'clip-path', 'clip-rule', 'enable-background', 'filter',  'height', 'mask', 'preserveAspectRatio', 'requiredFeatures', 'systemLanguage', 'version', 'viewBox', 'width', 'x', 'xmlns', 'xmlns:se', 'xmlns:xlink', 'xmlns:oi', 'oi:animations', 'y', 'stroke-linejoin', 'fill-rule', 'aria-label', 'stroke-width', 'fill-rule', 'xml:space' ],
   switch: [   'requiredFeatures', 'systemLanguage' ],
-  symbol: [  'fill', 'fill-opacity', 'fill-rule', 'filter', 'font-family', 'font-size', 'font-style', 'font-weight',  'opacity', 'overflow', 'preserveAspectRatio', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'viewBox', 'width', 'height' ],
-  text: [  'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'font-family', 'font-size', 'font-style', 'font-weight',  'mask', 'opacity', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'text-anchor', 'x', 'xml:space', 'y' ],
-  textPath: [   'method', 'requiredFeatures', 'spacing', 'startOffset', 'style', 'systemLanguage', 'xlink:href' ],
+  symbol: [  'fill', 'fill-opacity', 'fill-rule', 'filter', 'font-family', 'font-size', 'font-style', 'font-weight',  'opacity', 'overflow', 'preserveAspectRatio', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'systemLanguage', 'viewBox', 'width', 'height' ],
+  text: [  'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'font-family', 'font-size', 'font-style', 'font-weight',  'mask', 'opacity', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'systemLanguage', 'text-anchor', 'x', 'xml:space', 'y' ],
+  textPath: [   'method', 'requiredFeatures', 'spacing', 'startOffset', 'systemLanguage', 'xlink:href' ],
   title: [],
-  tspan: [  'clip-path', 'clip-rule', 'dx', 'dy', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'font-family', 'font-size', 'font-style', 'font-weight',  'mask', 'opacity', 'requiredFeatures', 'rotate', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'text-anchor', 'textLength', 'x', 'xml:space', 'y' ],
-  use: [  'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'height',  'mask', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'width', 'x', 'xlink:href', 'y', 'overflow' ],
+  tspan: [  'clip-path', 'clip-rule', 'dx', 'dy', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'font-family', 'font-size', 'font-style', 'font-weight',  'mask', 'opacity', 'requiredFeatures', 'rotate', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'systemLanguage', 'text-anchor', 'textLength', 'x', 'xml:space', 'y' ],
+  use: [  'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'height',  'mask', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'width', 'x', 'xlink:href', 'y', 'overflow' ],
 
   // MathML Elements
   annotation: [ 'encoding' ],
@@ -97,8 +96,10 @@ const svgWhiteList_ = {
   semantics: []
 };
 /* eslint-enable max-len */
+
 // add generic attributes to all elements of the whitelist
 Object.keys(svgWhiteList_).forEach((element) => svgWhiteList_[element] = [ ...svgWhiteList_[element], ...svgGenericWhiteList ]);
+
 // Produce a Namespace-aware version of svgWhitelist
 const svgWhiteListNS_ = {};
 Object.entries(svgWhiteList_).forEach(([ elt, atts ]) => {
@@ -159,30 +160,16 @@ export const sanitizeSvg = function (node) {
       const attrNsURI = attr.namespaceURI;
       // Check that an attribute with the correct localName in the correct namespace is on
       // our whitelist or is a namespace declaration for one of our allowed namespaces
-      if (!({}.hasOwnProperty.call(allowedAttrsNS, attrLocalName) &&
-        attrNsURI === allowedAttrsNS[attrLocalName] && attrNsURI !== NS.XMLNS
-      ) &&
-        !(attrNsURI === NS.XMLNS && REVERSE_NS[attr.value])) {
-        // Bypassing the whitelist to allow se: prefixes.
+      if ( attrNsURI !== allowedAttrsNS[attrLocalName] && attrNsURI !== NS.XMLNS
+       && !(attrNsURI === NS.XMLNS && REVERSE_NS[attr.value]) ) {
+        // Bypassing the whitelist to allow se: and oi: prefixes
+        // We can add specific namepaces on demand for now.
         // Is there a more appropriate way to do this?
-        if (attrName.startsWith('se:') || attrName.startsWith('data-')) {
+        if (attrName.startsWith('se:') || attrName.startsWith('oi:')|| attrName.startsWith('data-')) {
           seAttrs.push([ attrName, attr.value ]);
-        }
-        console.warn(`sanitizeSvg: attribute ${attrName} in element ${node.nodeName} not in whitelist is removed`);
-        node.removeAttributeNS(attrNsURI, attrLocalName);
-      }
-
-      // Add spaces before negative signs where necessary
-      if (isGecko()) {
-        switch (attrName) {
-        case 'transform':
-        case 'gradientTransform':
-        case 'patternTransform': {
-          const val = attr.value.replace(/(\d)-/g, '$1 -');
-          // const val = attr.value.replace(/(?<digit>\d)-/g, '$<digit> -');
-          node.setAttribute(attrName, val);
-          break;
-        }
+        } else {
+          console.warn(`sanitizeSvg: attribute ${attrName} in element ${node.nodeName} not in whitelist is removed`);
+          node.removeAttributeNS(attrNsURI, attrLocalName);
         }
       }
 

src/svgcanvas/selected-elem.js

@@ -6,7 +6,7 @@
  * @copyright 2010 Alexis Deveria, 2010 Jeff Schiller
  */
 
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 import * as hstry from './history.js';
 import * as pathModule from './path.js';
 import {

src/svgcanvas/selection.js

@@ -5,7 +5,7 @@
  * @copyright 2011 Jeff Schiller
  */
 
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 import {
   isNullish, getBBox as utilsGetBBox, getStrokedBBoxDefaultVisible
 } from './utilities.js';

src/svgcanvas/svg-exec.js

@@ -22,7 +22,7 @@ import {
 } from '../common/units.js';
 import { isGecko, isChrome, isWebkit } from '../common/browser.js';
 import * as pathModule from './path.js';
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 import * as draw from './draw.js';
 import {
   recalculateDimensions

src/svgcanvas/svgcanvas.js

@@ -63,7 +63,7 @@ import {
   init as blurInit, setBlurNoUndo, setBlurOffsets, setBlur
 } from './blur-event.js';
 import { sanitizeSvg } from './sanitize.js';
-import { getReverseNS, NS } from '../common/namespaces.js';
+import { getReverseNS, NS } from './namespaces.js';
 import {
   text2xml, assignAttributes, cleanupElement, getElem, getUrlFromAttr,
   findDefs, getHref, setHref, getRefElem, getRotationAngle, getPathBBox,

src/svgcanvas/svgroot.js

@@ -5,7 +5,7 @@
  *
  * @copyright 2010 Alexis Deveria, 2010 Jeff Schiller
  */
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 import { text2xml } from './utilities.js';
 
 /**

src/svgcanvas/text-actions.js

@@ -6,7 +6,7 @@
  */
 
 
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 import {
   transformPoint, getMatrix
 } from './math.js';

src/svgcanvas/utilities.js

@@ -6,7 +6,7 @@
  * @copyright 2010 Alexis Deveria, 2010 Jeff Schiller
  */
 
-import { NS } from '../common/namespaces.js';
+import { NS } from './namespaces.js';
 import { setUnitAttr, getTypeMap } from '../common/units.js';
 import {
   hasMatrixTransform, transformListToTransform, transformBox