From 0a74287a432d5150b071d9acc35d5a61784bc411 Mon Sep 17 00:00:00 2001
From: anak-dev <89004665+AN-dev-24@users.noreply.github.com>
Date: Sat, 21 Sep 2024 10:07:10 +0900
Subject: [PATCH] fix: allow classes that match `allowedClasses` regex for all
 tags

---
 index.js     |  3 ++-
 test/test.js | 13 +++++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/index.js b/index.js
index 3fbc267..a66e928 100644
--- a/index.js
+++ b/index.js
@@ -439,12 +439,13 @@ function sanitizeHtml(html, options, _recursing) {
               const allowedWildcardClasses = allowedClassesMap['*'];
               const allowedSpecificClassesGlob = allowedClassesGlobMap[name];
               const allowedSpecificClassesRegex = allowedClassesRegexMap[name];
+              const allowedWildcardClassesRegex = allowedClassesRegexMap['*'];
               const allowedWildcardClassesGlob = allowedClassesGlobMap['*'];
               const allowedClassesGlobs = [
                 allowedSpecificClassesGlob,
                 allowedWildcardClassesGlob
               ]
-                .concat(allowedSpecificClassesRegex)
+                .concat(allowedSpecificClassesRegex, allowedWildcardClassesRegex)
                 .filter(function (t) {
                   return t;
                 });
diff --git a/test/test.js b/test/test.js
index 81f006a..1d735a8 100644
--- a/test/test.js
+++ b/test/test.js
@@ -510,6 +510,19 @@ describe('sanitizeHtml', function() {
       '<p class="nifty33 dippy">whee</p>'
     );
   });
+  it('should allow classes that match `allowedClasses` regex for all tags', function() {
+    assert.equal(
+      sanitizeHtml(
+        '<p class="nifty33 nifty2 dippy">whee</p>',
+        {
+          allowedClasses: {
+            '*': [ /^nifty\d{2}$/, /^d\w{4}$/ ]
+          }
+        }
+      ),
+      '<p class="nifty33 dippy">whee</p>'
+    );
+  });
   it('should allow defining schemes on a per-tag basis', function() {
     assert.equal(
       sanitizeHtml(