This repository was archived by the owner on Apr 1, 2026. It is now read-only.
1.22.1
### Bug fixes Add code to `DOMSerializer` that rejects DOM output specs when they originate from attribute values, to protect against XSS attacks that use corrupt attribute input.