Disable CSS sanitization in djangocms-text-ckeditor

The library used by djangocms-text-ckeditor is html5lib. It's deprecated and outdated.
This should be fine because:
- We have a CSP in place
- Our editors are trusted (is_staff)

I know there are CSS shenanigans, but we need the flexibility of custom styles.

Author: stefanw

fragdenstaat_de/settings/base.py

@@ -302,6 +302,20 @@ def three_days_ago_but_not_sundays(date):
         "sandbox",
         "style",
     )
+
+    # WARNING: We are monkey patching to not sanitize CSS
+    # The used html5lib CSS Sanitizer is deprecated, outdated
+    def _monkey_patch_css_sanitizer():
+        # Do not sanitize CSS
+        def sanitize_css(self, style):
+            return style
+
+        from djangocms_text_ckeditor.sanitizer import TextSanitizer
+
+        TextSanitizer.sanitize_css = sanitize_css
+
+    _monkey_patch_css_sanitizer()
+
     TEXT_ADDITIONAL_PROTOCOLS = ("bank",)
 
     CKEDITOR_SETTINGS = {