Releases: cure53/DOMPurify
Releases · cure53/DOMPurify
DOMPurify 3.0.0
- Removed all code that is for MSIE-only
- Removed all tests that are for MSIE-only
- Modified documentation to reflect new state of MSIE support
- Added support for
ALLOW_SELF_CLOSE_IN_ATTR
flag, thanks @edg2s @AndreVirtimo - Added better support for
shadowrootmode
, thanks @mfreed7
NOTE Please use the 2.4.4 release if you still need MSIE support, 3.0.0 comes without the MSIE overhead
DOMPurify 2.4.4
- Added support for
ALLOW_SELF_CLOSE_IN_ATTR
flag, thanks @edg2s @AndreVirtimo - Added better support for
shadowrootmode
, thanks @mfreed7
DOMPurify 2.4.3
- Final release that is compatible with MSIE10 & MSIE 11
DOMPurify 2.4.2
- Fixed a Trusted Types sink violation with empty input and NAMESPACE , thanks @tosmolka
- Fixed a Prototype Pollution issue discovered and reported by @kevin-mizu
DOMPurify 2.4.1
- Added new config option
ALLOWED_NAMESPACES
for better XML handling, thanks @kevin-deyoungster @tosmolka - Added better detection of template literals when
SAFE_FOR_TEMPLATES
istrue
- Fixed an exception caused by DOM clobbering, thanks @masatokinugawa
- Bumped some dependencies, thanks @marcpenya-tf
DOMPurify 2.4.0
- Removed bundled types again as they caused too much trouble
DOMPurify 2.3.12
- Fixed an issue in 2.3.11 causing errors w. TypeScript, see #712, thanks @Mirco469, @brentkeller, @aryanisml
DOMPurify 2.3.11
- Added generated type definitions for better compatibility
- Added SANITIZE_NAMED_PROPS config option, thanks @SoheilKhodayari
- Updated README and config documentation, thanks @0xedward
- Updated test suite with newer Node versions
DOMPurify 2.3.10
- Added support for sanitization of attributes requiring Trusted Types, thanks @tosmolka
DOMPurify 2.3.9
- Made TAG and ATTR config options case-sensitive when parsing XHTML, thanks @tosmolka
- Bumped some dependencies, thanks @is2ei
- Included github-actions in the dependabot config, thanks @nathannaveen