Skip to content

Releases: cure53/DOMPurify

DOMPurify 3.0.3

06 May 12:26
c70f8c5
Compare
Choose a tag to compare
  • Added new TRUSTED_TYPES_POLICY configuration option, thanks @dejang
  • Added feDropShadow to the SVG filter allow-list, thanks @SelfMadeSystem

DOMPurify 3.0.2

14 Apr 17:02
671167b
Compare
Choose a tag to compare
  • Fixed an issue with ALLOWED_URI_REGEXP not being reset, thanks @mukilane
  • Added mprescripts tag to allowed MathML elements, thanks @duyhai94
  • Added SMS URI scheme to allowed URI schemes, tanks @Kiwka
  • Updated supported browser versions for nicer code and smaller size, thanks @buzinas

DOMPurify 3.0.1

26 Feb 15:30
e42464f
Compare
Choose a tag to compare
  • Fixed a problem with improper reset of custom HTML options, thanks @ammaraskar

DOMPurify 2.4.5

26 Feb 15:30
f464d95
Compare
Choose a tag to compare
  • Fixed a problem with improper reset of custom HTML options, thanks @ammaraskar

DOMPurify 3.0.0

13 Feb 16:45
5dcf2a0
Compare
Choose a tag to compare
  • Removed all code that is for MSIE-only
  • Removed all tests that are for MSIE-only
  • Modified documentation to reflect new state of MSIE support
  • Added support for ALLOW_SELF_CLOSE_IN_ATTR flag, thanks @edg2s @AndreVirtimo
  • Added better support for shadowrootmode, thanks @mfreed7

NOTE Please use the 2.4.4 release if you still need MSIE support, 3.0.0 comes without the MSIE overhead

DOMPurify 2.4.4

13 Feb 16:41
fa4e8ee
Compare
Choose a tag to compare
  • Added support for ALLOW_SELF_CLOSE_IN_ATTR flag, thanks @edg2s @AndreVirtimo
  • Added better support for shadowrootmode, thanks @mfreed7

DOMPurify 2.4.3

06 Jan 14:14
90326ef
Compare
Choose a tag to compare
  • Final release that is compatible with MSIE10 & MSIE 11

DOMPurify 2.4.2

06 Jan 13:07
Compare
Choose a tag to compare
  • Fixed a Trusted Types sink violation with empty input and NAMESPACE , thanks @tosmolka
  • Fixed a Prototype Pollution issue discovered and reported by @kevin-mizu

DOMPurify 2.4.1

10 Nov 14:01
67f784c
Compare
Choose a tag to compare
  • Added new config option ALLOWED_NAMESPACES for better XML handling, thanks @kevin-deyoungster @tosmolka
  • Added better detection of template literals when SAFE_FOR_TEMPLATES is true
  • Fixed an exception caused by DOM clobbering, thanks @masatokinugawa
  • Bumped some dependencies, thanks @marcpenya-tf

DOMPurify 2.4.0

24 Aug 17:34
5f8e875
Compare
Choose a tag to compare
  • Removed bundled types again as they caused too much trouble