From a2d85453820cd2016dc45d904870b4cdafb6bc25 Mon Sep 17 00:00:00 2001
From: Raymond Hill <rhill@raymondhill.net>
Date: Wed, 25 Aug 2021 07:43:26 -0400
Subject: [PATCH] Forbid instances of `/*` in `:style()` operator

Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/1693
---
 src/js/static-filtering-parser.js | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/js/static-filtering-parser.js b/src/js/static-filtering-parser.js
index 1d792794b..bf9a48330 100644
--- a/src/js/static-filtering-parser.js
+++ b/src/js/static-filtering-parser.js
@@ -1539,8 +1539,13 @@ Parser.prototype.SelectorCompiler = class {
     }
 
     // https://github.com/uBlockOrigin/uBlock-issues/issues/668
+    // https://github.com/uBlockOrigin/uBlock-issues/issues/1693
+    //   Forbid instances of:
+    //   - `url(`
+    //   - backslashes `\`
+    //   - opening comment `/*`
     compileStyleProperties(s) {
-        if ( /url\(|\\/i.test(s) ) { return; }
+        if ( /url\(|\\|\/\*/i.test(s) ) { return; }
         if ( this.div === null ) { return s; }
         this.div.style.cssText = s;
         if ( this.div.style.cssText === '' ) { return; }