Fix table formatting

This pulls PR #186 locally and moves the unittest to a different file.

I believe this addresses issue #137

Author: mikesamuel

src/main/java/org/owasp/html/HtmlElementTables.java

@@ -142,10 +142,10 @@ public HtmlElementTables(
             TD_TAG, new int[] { TR_TAG, TD_TAG, TH_TAG },
             new int[] { TABLE_TAG, TBODY_TAG, TR_TAG }),
         new FreeWrapper(
-            TH_TAG, new int[] { TR_TAG, TD_TAG, TR_TAG },
+            TH_TAG, new int[] { TR_TAG, TD_TAG, TH_TAG },
             new int[] { TABLE_TAG, TBODY_TAG, TR_TAG }),
         new FreeWrapper(
-            TR_TAG, new int[] { TBODY_TAG, THEAD_TAG, TFOOT_TAG, TR_TAG },
+            TR_TAG, new int[] { TBODY_TAG, THEAD_TAG, TFOOT_TAG, TR_TAG, TD_TAG, TH_TAG },
             new int[] { TABLE_TAG, TBODY_TAG }),
         new FreeWrapper(
             TBODY_TAG, new int[] { TABLE_TAG, THEAD_TAG, TBODY_TAG, TFOOT_TAG },

src/test/java/org/owasp/html/HtmlPolicyBuilderTest.java

@@ -958,6 +958,23 @@ public static final void testNoscriptInAttribute() {
             "<noscript><p title=\"</noscript><img src=x onerror=alert(1)>\">"));
   }
 
+  @Test
+  public static final void testTableStructure() {
+    String input =
+        "<TABLE>"
+        + "<TR><TD>Foo<TD>Bar"
+        + "<TR><TH>Baz<TH>Boo<TH>Far<TH>Faz"
+        + "<TR><TD>Oink<TD>Doink<TD>Poink<TD>Toink";
+    String sanitized = Sanitizers.TABLES.sanitize(input);
+    assertEquals(
+            ("<table><tbody>"
+             + "<tr><td>Foo</td><td>Bar</td></tr>"
+             + "<tr><th>Baz</th><th>Boo</th><th>Far</th><th>Faz</th></tr>"
+             + "<tr><td>Oink</td><td>Doink</td><td>Poink</td><td>Toink</td></tr>"
+             + "</tbody></table>"),
+        sanitized);
+  }
+
   private static String apply(HtmlPolicyBuilder b) {
     return apply(b, EXAMPLE);
   }