All Versions
Latest Version
Avg Release Cycle
38 days
Latest Release
155 days ago

Changelog History
Page 7

  • v1.13.0 Changes

    transformTags can now add text to an element that initially had none. Thanks to Dushyant Singh.

  • v1.12.0 Changes

    ๐Ÿ— option to build for browser-side use. Thanks to Michael Blum.

  • v1.11.4 Changes

    fixed crash when __proto__ is a tag name. Now using a safe check for the existence of properties in all cases. Thanks to Andrew Krasichkov.

    ๐Ÿ›  Fixed XSS attack vector via textarea tags (when explicitly allowed). Decided that script (obviously) and style (due to its own XSS vectors) cannot realistically be afforded any XSS protection if allowed, unless we add a full CSS parser. Thanks again to Andrew Krasichkov.

  • v1.11.3 Changes

    โฌ†๏ธ bumped htmlparser2 version to address crashing bug in older version. Thanks to e-jigsaw.

  • v1.11.2 Changes

    ๐Ÿ›  fixed README typo that interfered with readability due to markdown issues. No code changes. Thanks to Mikael Korpela. Also improved code block highlighting in README. Thanks to Alex Siman.

  • v1.11.1 Changes

    ๐Ÿ›  fixed a regression introduced in 1.11.0 which caused the closing tag of the parent of a textarea tag to be lost. Thanks to Stefano Sala, who contributed the missing test.

  • v1.11.0 Changes

    โž• added the nonTextTags option, with tests.

  • v1.10.1 Changes

    ๐Ÿ“š documentation cleanup. No code changes. Thanks to Rex Schrader.

  • v1.10.0 Changes

    allowedAttributes now allows you to allow attributes for all tags by specifying * as the tag name. Thanks to Zdravko Georgiev.

  • v1.9.0 Changes

    ๐Ÿ“œ parser option allows options to be passed directly to htmlparser. Thanks to Danny Scott.