sanitize-html v2.7.3 Release Notes
Release Date: 2022-10-24 // about 2 years ago-
- ๐ If allowedTags is falsy but not exactly
false
, then do not assume that all tags are allowed. Rather, allow no tags in this case, to be on the safe side. This matches the existing documentation and fixes issue #176. Thanks to Kedar Chandrayan for the fix.
- ๐ If allowedTags is falsy but not exactly
Previous changes from v2.7.2
-
- ๐ Closing tags must agree with opening tags. This fixes issue #549, in which closing tags not associated with any permitted opening tag could be passed through. No known exploit exists, but it's better not to permit this. Thanks to Kedar Chandrayan for the report and the fix.