Skip to content

DOMPurify 2.0.8
Compare
Choose a tag to compare
@cure53 cure53 released this 03 Feb 13:11
2.0.8
211f0c8
This commit was signed with the committer’s verified signature.
cure53 Cure53
GPG key ID: 43A94EA3B4323240
Learn about vigilant mode.
  • Fixed a bypass that can be abused in case SAFE_FOR_JQUERY is used with jQuery 3.x, thanks @masatokinugawa 🙇‍♀️
  • Added new elements to whitelist, thanks @chris-morgan
  • Added first layer of prototype poisoning protection, thanks @dejang
  • Added better controls for uponSanitizeAttribute, thanks @devinrhode2
  • Added demo for node removal, thanks @mikesnare
Assets 2