Releases: cure53/DOMPurify
Releases · cure53/DOMPurify
DOMPurify 3.0.3
- Added new
TRUSTED_TYPES_POLICY
configuration option, thanks @dejang - Added
feDropShadow
to the SVG filter allow-list, thanks @SelfMadeSystem
DOMPurify 3.0.2
DOMPurify 3.0.1
- Fixed a problem with improper reset of custom HTML options, thanks @ammaraskar
DOMPurify 2.4.5
- Fixed a problem with improper reset of custom HTML options, thanks @ammaraskar
DOMPurify 3.0.0
- Removed all code that is for MSIE-only
- Removed all tests that are for MSIE-only
- Modified documentation to reflect new state of MSIE support
- Added support for
ALLOW_SELF_CLOSE_IN_ATTR
flag, thanks @edg2s @AndreVirtimo - Added better support for
shadowrootmode
, thanks @mfreed7
NOTE Please use the 2.4.4 release if you still need MSIE support, 3.0.0 comes without the MSIE overhead
DOMPurify 2.4.4
- Added support for
ALLOW_SELF_CLOSE_IN_ATTR
flag, thanks @edg2s @AndreVirtimo - Added better support for
shadowrootmode
, thanks @mfreed7
DOMPurify 2.4.3
- Final release that is compatible with MSIE10 & MSIE 11
DOMPurify 2.4.2
- Fixed a Trusted Types sink violation with empty input and NAMESPACE , thanks @tosmolka
- Fixed a Prototype Pollution issue discovered and reported by @kevin-mizu
DOMPurify 2.4.1
- Added new config option
ALLOWED_NAMESPACES
for better XML handling, thanks @kevin-deyoungster @tosmolka - Added better detection of template literals when
SAFE_FOR_TEMPLATES
istrue
- Fixed an exception caused by DOM clobbering, thanks @masatokinugawa
- Bumped some dependencies, thanks @marcpenya-tf
DOMPurify 2.4.0
- Removed bundled types again as they caused too much trouble