Releases: cure53/DOMPurify
Releases · cure53/DOMPurify
DOMPurify 2.4.9
- Fixed another conditional bypass caused by Processing Instructions, thanks @Ry0taK
- Fixed the regex for HTML Custom Element detection, thanks @AlekseySolovey3T
DOMPurify 3.0.10
- Fixed two possible bypasses when sanitizing an XML document and later using it in HTML, thanks @Slonser
- Bumped up some build and test dependencies
DOMPurify 2.4.8
- Fixed two possible bypasses when sanitizing an XML document and later using it in HTML, thanks @Slonser
DOMPurify 3.0.9
- Fixed a problem with proper detection of Custom Elements, thanks @kevin-mizu
- Refactored the
hasOwnProperty
logic, thanks @ssi02014 - Removed a superfluous
console.warn
making HappyDom happier, thanks @HugoPoi - Modernized some of the demo hooks for better looks, thanks @Steb95
DOMPurify 3.0.8
DOMPurify 3.0.7
- Added better protection against CSPP attacks, thanks @kevin-mizu
- Updated browser versions for automated tests
- Updated Node versions for automated tests
- Refactored code base, thanks @ssi02014
- Refactored build system & deployment, thanks @ssi02014
DOMPurify 3.0.6
DOMPurify 3.0.5
- Fixed a licensing issue spotted and reported by @george-thomas-hill
- Updated several build and test dependencies
DOMPurify 2.4.7
- Fixed a licensing issue spotted and reported by @george-thomas-hill
DOMPurify 3.0.4
- Fixed a bypass in jsdom 22 in case the noframes element is permitted, thanks @leeN
- Fixed a typo with
shadowrootmod
which should beshadowrootmode
, thanks @masatokinugawa