This looks like a bug. Sanitizers.STYLES doesn't work as advertised,
so the style="..." attribute is rejected out of hand, and <span> is
one of the elements that is, by default, stripped when it has no
attributes.
I'm looking into a fix and will respond to this thread when I know more.
I repeated the problem using:
PolicyFactory sanitizer = Sanitizers.FORMATTING
.and(Sanitizers.BLOCKS)
.and(Sanitizers.STYLES)
.and(Sanitizers.LINKS);
String input = "<span style=\"font-weight: bold;"
+ " text-decoration: underline; background-color: yellow;\""
+ ">aaaaaaaaaaaaaaaaaaaaaaa</span>";
String got = sanitizer.sanitize(input);
String want = input;
assertEquals(want, got);