All Versions
Latest Version
Avg Release Cycle
24 days
Latest Release
0 days ago

Changelog History
Page 1

  • v2.1.0

    September 23, 2020
    • πŸ›  Fixed several possible mXSS patterns, thanks @hackvertor
    • Removed the SAFE_FOR_JQUERY flag (we are safe by default now for jQuery)
    • βœ‚ Removed several now useless mXSS checks
    • ⚑️ Updated the mXSS check for elements
    • ⚑️ Updated test cases to cover new sanitization strategy
    • ⚑️ Updated test website to use newer jQuery
    • ⚑️ Updated array of tested browsers and removed legacy browsers
    • βž• Added "auto convert" checkbox to test website, thanks @hackvertor
  • v2.0.17

    September 20, 2020
    • πŸ›  Fixed another bypass causing mXSS by using MathML
  • v2.0.16

    September 18, 2020
    • πŸ›  Fixed an mXSS-based bypass caused by nested forms inside MathML
    • πŸ›  Fixed a security error thrown on older Chrome on Android versions, see #470

    🍱 Credits for the bypass go to MichaΕ‚ Bentkowski (@securityMB) of Securitum who spotted the bug in Chrome, turned it into another DOMPurify bypass, reported and helped verifying the fix πŸ™‡β€β™‚οΈ πŸ™‡β€β™€οΈ

  • v2.0.15

    September 03, 2020
    • βž• Added a renovated test suite, thanks @peernohell
    • πŸ›  Fixed some minor linter warnings
  • v2.0.14

    August 27, 2020
    • πŸ›  Fixed a problem with the documentMode default value
  • v2.0.13

    August 27, 2020
  • v2.0.12

    June 24, 2020
    • πŸ›  Fixed a minor bug when working with Trusted Types
    • πŸ›  Fixed some typos in a demo file
    • πŸ›  Fixed some wordings in code and docs
  • v2.0.11

    May 06, 2020
    • πŸ›  Fixed faulty behavior for non breaking space characters
    • Added ADD_DATA_URI_TAGS directive to allow customizing Data URI tag behavior
  • v2.0.10

    April 23, 2020
    • πŸ›  Fixed a dependency problem causing builds to break
    • πŸ›  Fixed a test in Chrome 83 covering Trusted Types
  • v2.0.9

    April 22, 2020
    • βœ‚ Removed a meanwhile useless parser check
    • βž• Added countless new attributes to whitelist
    • βž• Added whole new build and system
    • βž• Added license tag to compressed files
    • ⚑️ Updated README for more clarity