SafeHTML\r
--------\r
-Version 1.3.7.\r
-http://pixel-apes.com/safehtml/\r
+Version 1.3.10.\r
+https://wackowiki.org/doc/Dev/Projects/SafeHTML\r
--------\r
\r
This parser strips down all potentially dangerous content within HTML:\r
* opening tag without its closing tag\r
* closing tag without its opening tag\r
- * any of these tags: "base", "basefont", "head", "html", "body", "applet", "object", \r
- "iframe", "frame", "frameset", "script", "layer", "ilayer", "embed", "bgsound", \r
+ * any of these tags: "base", "basefont", "head", "html", "body", "applet", "object",\r
+ "iframe", "frame", "frameset", "script", "layer", "ilayer", "embed", "bgsound",\r
"link", "meta", "style", "title", "blink", "xml" etc.\r
* any of these attributes: on*, data*, dynsrc\r
* javascript:/vbscript:/about: etc. protocols\r
* any other active content\r
It also tries to convert code to XHTML valid, but htmltidy is far better solution for this task.\r
\r
-If you found any bugs in this parser, please inform me -- ICQ:551593 or mailto:thingol@mail.ru\r
+If you found any bugs in this parser, please file an issue -- https://wackowiki.org/bugs/\r
\r
-Please, subscribe to http://pixel-apes.com/safehtml/feed/rss feed in order to receive notices \r
+Please, subscribe to https://wackowiki.org/doc/Dev/Projects/SafeHTML in order to receive notices\r
when SAFEHTML will be updated.\r
\r
-- Roman Ivanov.\r
--------\r
Version history:\r
--------\r
+1.3.10.\r
+ * added HTML5 Block-level elements\r
+1.3.9.\r
+ * Replaced preg_replace() e modifier with preg_replace_callback\r
+1.3.8.\r
+ * UTF-7 XSS vulnerability fixed\r
1.3.7.\r
* Added 'dl' to the list of 'lists' tags.\r
* Added 'callto' to the white list of protocols.\r
dépôts / lhc / web / www.git / blobdiff