diff --git a/product/PortalTransforms/transforms/safe_html.py b/product/PortalTransforms/transforms/safe_html.py index 1d5332c9ab35cd7e7d22aa83a86d86cb20e3db77..e362890435ffb60598d50b8aa86e794e2c4c6f14 100644 --- a/product/PortalTransforms/transforms/safe_html.py +++ b/product/PortalTransforms/transforms/safe_html.py @@ -130,6 +130,8 @@ class StrippingParser(HTMLParser): if remove_script and k.strip().lower().startswith('on'): if not self.raise_error: continue else: raise IllegalHTML, 'Script event "%s" not allowed.' % k + elif v is None: + self.result.append(' %s' % (k,)) elif remove_script and hasScript(v): if not self.raise_error: continue else: raise IllegalHTML, 'Script URI "%s" not allowed.' % v