Skip to content

Releases: cure53/DOMPurify

DOMPurify 3.1.7

26 Sep 11:11
@cure53 cure53
3.1.7
69c8c12
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
DOMPurify 3.1.7 Latest
Latest
  • Fixed an issue with comment detection and possible bypasses with specific config settings, thanks @masatokinugawa
  • Fixed several smaller typos in documentation and test & build files, thanks @christianhg
  • Added better support for Angular compiler, thanks @jeroen1602
  • Added several new attributes to HTML and SVG allow-list, thanks @Gigabyte5671 and @Rotzbua
  • Removed the foreignObject element from the list of HTML entry-points, thanks @masatokinugawa
  • Bumped several dependencies to be more up to date

Contributors

jeroen1602, masatokinugawa, and 3 other contributors
Assets 2
Loading

DOMPurify 2.5.7

26 Sep 10:53
@cure53 cure53
2.5.7
71683cb
This commit was signed with the committer’s verified signature.
cure53 Cure53
GPG key ID: 5F0CDACD24BB6BF4
Learn about vigilant mode.
Compare
Choose a tag to compare
DOMPurify 2.5.7
  • Fixed an issue with comment detection and possible bypasses with specific config settings, thanks @masatokinugawa
  • Removed the foreignObject element from the list of HTML entry-points, thanks @masatokinugawa

Contributors

masatokinugawa
Assets 2
Loading

DOMPurify 3.1.6

05 Jul 13:06
@cure53 cure53
3.1.6
4083a90
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
DOMPurify 3.1.6
  • Fixed an issue with the execution logic of attribute hooks to prevent bypasses, thanks @kevin-mizu
  • Fixed an issue with element removal leading to uncaught errors through DOM Clobbering, thanks @realansgar
  • Fixed a minor problem with the bower file pointing to the wrong dist path
  • Fixed several minor typos in docs, comments and comment blocks, thanks @Rotzbua
  • Updated several development dependencies

Contributors

Rotzbua, realansgar, and kevin-mizu
Assets 2
Loading

DOMPurify 2.5.6

05 Jul 13:04
@cure53 cure53
2.5.6
d78f241
This commit was signed with the committer’s verified signature.
cure53 Cure53
GPG key ID: 5F0CDACD24BB6BF4
Learn about vigilant mode.
Compare
Choose a tag to compare
DOMPurify 2.5.6
  • Fixed an issue with the execution logic of attribute hooks to prevent bypasses, thanks @kevin-mizu
  • Fixed a minor problem with the bower file pointing to the wrong dist path
  • Updated several development dependencies

Contributors

kevin-mizu
Assets 2
Loading

DOMPurify 3.1.5

31 May 09:22
@cure53 cure53
3.1.5
6676133
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
DOMPurify 3.1.5
  • Fixed a minor issue with the dist paths in bower.js, thanks @HakumenNC
  • Fixed a minor issue with sanitizing HTML coming from copy&paste Word content, thanks @kakao-bishop-cho

Contributors

HakumenNC and kakao-bishop-cho
Assets 2
Loading

DOMPurify 2.5.5

31 May 09:10
@cure53 cure53
2.5.5
de2545c
This commit was signed with the committer’s verified signature.
cure53 Cure53
GPG key ID: 5F0CDACD24BB6BF4
Learn about vigilant mode.
Compare
Choose a tag to compare
DOMPurify 2.5.5
  • Fixed a minor issue with the dist paths in bower.js, thanks @HakumenNC
  • Fixed a minor issue with sanitizing HTML coming from copy&paste Word content, thanks @kakao-bishop-cho

Contributors

HakumenNC and kakao-bishop-cho
Assets 2
Loading

DOMPurify 3.1.4

20 May 11:16
@cure53 cure53
3.1.4
7517e9c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
DOMPurify 3.1.4
  • Fixed an issue with the recently implemented isNaN checks, thanks @tulach
  • Added several new popover attributes to allow-list, thanks @Gigabyte5671
  • Fixed the tests and adjusted the test runner to cover all branches

Contributors

tulach and Gigabyte5671
Assets 2
Loading

DOMPurify 2.5.4

20 May 11:08
@cure53 cure53
2.5.4
10c1261
This commit was signed with the committer’s verified signature.
cure53 Cure53
GPG key ID: 5F0CDACD24BB6BF4
Learn about vigilant mode.
Compare
Choose a tag to compare
DOMPurify 2.5.4
  • Fixed a bug with latest isNaN checks affecting MSIE, thanks @tulach
  • Fixed the tests for MSIE and fixed related test-runner

Contributors

tulach
Assets 2
Loading

DOMPurify 3.1.3

11 May 12:00
@cure53 cure53
3.1.3
3fe78d7
This commit was signed with the committer’s verified signature.
cure53 Cure53
GPG key ID: 5F0CDACD24BB6BF4
Learn about vigilant mode.
Compare
Choose a tag to compare
DOMPurify 3.1.3
  • Fixed several mXSS variations found by and thanks to @kevin-mizu & @Ry0taK
  • Added better configurability for comment scrubbing default behavior
  • Added better hardening against Prototype Pollution attacks, thanks @kevin-mizu
  • Added better handling and readability of the nodeType property, thanks @ssi02014
  • Fixed some smaller issues in README and other documentation

Contributors

kevin-mizu, Ry0taK, and ssi02014
Assets 2
Loading

DOMPurify 2.5.3

11 May 10:21
@cure53 cure53
2.5.3
e1ddfc7
Compare
Choose a tag to compare
DOMPurify 2.5.3
  • Fixed several mXSS variations found by and thanks to @kevin-mizu & @Ry0taK
  • Added better configurability for comment scrubbing default behavior
  • Added better hardening against Prototype Pollution attacks, thanks @kevin-mizu
  • Fixed some smaller issues in README and other documentation

Contributors

kevin-mizu and Ry0taK
Assets 2
Loading