Releases: cure53/DOMPurify
Releases · cure53/DOMPurify
DOMPurify 3.2.0
- Added type declarations, thanks @reduckted , @philmayfield, @aloisklink, @ssi02014 and others
- Fixed a minor issue with the handling of hooks, thanks @kevin-mizu
DOMPurify 3.1.7
- Fixed an issue with comment detection and possible bypasses with specific config settings, thanks @masatokinugawa
- Fixed several smaller typos in documentation and test & build files, thanks @christianhg
- Added better support for Angular compiler, thanks @jeroen1602
- Added several new attributes to HTML and SVG allow-list, thanks @Gigabyte5671 and @Rotzbua
- Removed the
foreignObject
element from the list of HTML entry-points, thanks @masatokinugawa - Bumped several dependencies to be more up to date
DOMPurify 2.5.7
- Fixed an issue with comment detection and possible bypasses with specific config settings, thanks @masatokinugawa
- Removed the
foreignObject
element from the list of HTML entry-points, thanks @masatokinugawa
DOMPurify 3.1.6
- Fixed an issue with the execution logic of attribute hooks to prevent bypasses, thanks @kevin-mizu
- Fixed an issue with element removal leading to uncaught errors through DOM Clobbering, thanks @realansgar
- Fixed a minor problem with the bower file pointing to the wrong dist path
- Fixed several minor typos in docs, comments and comment blocks, thanks @Rotzbua
- Updated several development dependencies
DOMPurify 2.5.6
- Fixed an issue with the execution logic of attribute hooks to prevent bypasses, thanks @kevin-mizu
- Fixed a minor problem with the bower file pointing to the wrong dist path
- Updated several development dependencies
DOMPurify 3.1.5
- Fixed a minor issue with the dist paths in
bower.js
, thanks @HakumenNC - Fixed a minor issue with sanitizing HTML coming from copy&paste Word content, thanks @kakao-bishop-cho
DOMPurify 2.5.5
- Fixed a minor issue with the dist paths in
bower.js
, thanks @HakumenNC - Fixed a minor issue with sanitizing HTML coming from copy&paste Word content, thanks @kakao-bishop-cho
DOMPurify 3.1.4
- Fixed an issue with the recently implemented
isNaN
checks, thanks @tulach - Added several new popover attributes to allow-list, thanks @Gigabyte5671
- Fixed the tests and adjusted the test runner to cover all branches
DOMPurify 2.5.4
- Fixed a bug with latest
isNaN
checks affecting MSIE, thanks @tulach - Fixed the tests for MSIE and fixed related test-runner
DOMPurify 3.1.3
- Fixed several mXSS variations found by and thanks to @kevin-mizu & @Ry0taK
- Added better configurability for comment scrubbing default behavior
- Added better hardening against Prototype Pollution attacks, thanks @kevin-mizu
- Added better handling and readability of the
nodeType
property, thanks @ssi02014 - Fixed some smaller issues in README and other documentation