2021-05-06 11:32:55 +08:00
|
|
|
# CHANGELOG
|
|
|
|
|
|
2022-03-06 15:21:07 +08:00
|
|
|
## v1.0.11 (2022-03-06)
|
|
|
|
|
|
|
|
|
|
- [feat: add support for allowList as an alias for whiteList](https://github.com/leizongmin/js-xss/pull/249)
|
|
|
|
|
|
2021-10-08 16:50:33 +08:00
|
|
|
## v1.0.10 (2021-10-08)
|
|
|
|
|
|
|
|
|
|
- [Fix: #239 stripCommentTag DoS attack](https://github.com/leizongmin/js-xss/pull/239)
|
|
|
|
|
|
2021-05-06 11:32:55 +08:00
|
|
|
## v1.0.9 (2021-05-06)
|
|
|
|
|
|
|
|
|
|
- [Fix whitespace bypass #218](https://github.com/leizongmin/js-xss/pull/218/files) by @TomAnthony
|
|
|
|
|
- [Add `<summary>` to default whitelist #216](https://github.com/leizongmin/js-xss/pull/216) by @spacegaier
|
2021-05-06 13:08:35 +08:00
|
|
|
- [Add `<figure>` and `<figcaption>` to default whitelist](https://github.com/leizongmin/js-xss/pull/220) by @daraz999
|
|
|
|
|
- Add `<audio crossorigin muted>`, `<video crossorigin muted playsinline poster>` to default whitelist
|
2021-05-06 13:11:03 +08:00
|
|
|
- Add `<strike>` to default whitelist
|
2021-05-06 13:29:53 +08:00
|
|
|
- Fix: typings IWhiteList allow any tag name
|
|
|
|
|
- Fix: typings `onTag` options
|
2021-05-06 11:32:55 +08:00
|
|
|
|
2020-07-27 10:21:57 +08:00
|
|
|
## v1.0.8 (2020-07-27)
|
|
|
|
|
|
2020-07-27 10:28:36 +08:00
|
|
|
- [Allow default imports in TS #200](https://github.com/leizongmin/js-xss/pull/200) by @danvk
|
|
|
|
|
- [Update handling of quoteStart to prevent sanitization bypass #201](https://github.com/leizongmin/js-xss/pull/201) by @TomAnthony
|
2020-07-27 10:21:57 +08:00
|
|
|
|
2020-06-08 10:58:18 +08:00
|
|
|
## v1.0.7 (2020-06-08)
|
|
|
|
|
|
2020-07-27 10:28:36 +08:00
|
|
|
- [added support for src embedded image, ftp and relative urls](https://github.com/leizongmin/js-xss/pull/189) by @sijanec
|
