Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

cure53 / DOMPurify Public

Notifications You must be signed in to change notification settings
Fork 748
Star 14.4k

Code
Issues
Pull requests
Actions
Projects
Wiki
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Projects
Wiki
Security
Insights

Releases: cure53/DOMPurify

Releases Tags

Releases · cure53/DOMPurify

DOMPurify 2.4.2

06 Jan 13:07

cure53

2.4.2

f1e180f

Compare

Choose a tag to compare

View all tags

DOMPurify 2.4.2

Fixed a Trusted Types sink violation with empty input and NAMESPACE , thanks @tosmolka
Fixed a Prototype Pollution issue discovered and reported by @kevin-mizu

Contributors

tosmolka and kevin-mizu

Assets 2

All reactions

DOMPurify 2.4.1

10 Nov 14:01

cure53

2.4.1

67f784c

This commit was signed with the committer’s verified signature.

cure53 Cure53

GPG key ID: 5F0CDACD24BB6BF4

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

DOMPurify 2.4.1

Added new config option ALLOWED_NAMESPACES for better XML handling, thanks @kevin-deyoungster @tosmolka
Added better detection of template literals when SAFE_FOR_TEMPLATES is true
Fixed an exception caused by DOM clobbering, thanks @masatokinugawa
Bumped some dependencies, thanks @marcpenya-tf

Contributors

masatokinugawa, kevin-deyoungster, and 2 other contributors

Assets 2

rodnye reacted with laugh emoji

All reactions

😄 1 reaction

1 person reacted

DOMPurify 2.4.0

24 Aug 17:34

cure53

2.4.0

5f8e875

This commit was signed with the committer’s verified signature.

cure53 Cure53

GPG key ID: 5F0CDACD24BB6BF4

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

DOMPurify 2.4.0

Removed bundled types again as they caused too much trouble

Assets 2

All reactions

DOMPurify 2.3.12

23 Aug 15:41

cure53

2.3.12

caaae5e

This commit was signed with the committer’s verified signature.

cure53 Cure53

GPG key ID: 5F0CDACD24BB6BF4

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

DOMPurify 2.3.12

Fixed an issue in 2.3.11 causing errors w. TypeScript, see #712, thanks @Mirco469, @brentkeller, @aryanisml

Contributors

brentkeller, aryanisml, and Mirco469

Assets 2

All reactions

DOMPurify 2.3.11

23 Aug 09:20

cure53

2.3.11

30af6c8

This commit was signed with the committer’s verified signature.

cure53 Cure53

GPG key ID: 5F0CDACD24BB6BF4

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

DOMPurify 2.3.11

Added generated type definitions for better compatibility
Added SANITIZE_NAMED_PROPS config option, thanks @SoheilKhodayari
Updated README and config documentation, thanks @0xedward
Updated test suite with newer Node versions

Contributors

SoheilKhodayari and 0xedward

Assets 2

All reactions

DOMPurify 2.3.10

18 Jul 13:03

cure53

2.3.10

aedec31

This commit was signed with the committer’s verified signature.

cure53 Cure53

GPG key ID: 5F0CDACD24BB6BF4

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

DOMPurify 2.3.10

Added support for sanitization of attributes requiring Trusted Types, thanks @tosmolka

Contributors

tosmolka

Assets 2

adarshmadrecha and tronikelis reacted with heart emoji

All reactions

❤️ 2 reactions

2 people reacted

DOMPurify 2.3.9

11 Jul 12:22

cure53

2.3.9

52c8eb1

This commit was signed with the committer’s verified signature.

cure53 Cure53

GPG key ID: 5F0CDACD24BB6BF4

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

DOMPurify 2.3.9

Made TAG and ATTR config options case-sensitive when parsing XHTML, thanks @tosmolka
Bumped some dependencies, thanks @is2ei
Included github-actions in the dependabot config, thanks @nathannaveen

Contributors

is2ei, tosmolka, and nathannaveen

Assets 2

kytosai and chrispanag reacted with thumbs up emoji

All reactions

👍 2 reactions

2 people reacted

DOMPurify 2.3.8

13 May 13:58

cure53

2.3.8

dc6db2c

This commit was signed with the committer’s verified signature.

cure53 Cure53

GPG key ID: 5F0CDACD24BB6BF4

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

DOMPurify 2.3.8

Cleaned up a minor issue with the 2.3.7 release, thanks @johnbirds

No other changes compared to 2.3.7 release, which entail:

Fixes around a bug in Safari, thanks @sybrew
Slightly improved performance, thanks @tiny-ben-tran
Lots of chores, bumps and typo fixes, thanks @is2ei
Removed unnecessary string trimming, thanks @christopherehlen

Contributors

is2ei, sybrew, and 2 other contributors

Assets 2

0xGodson and AntoineAA reacted with thumbs up emoji

All reactions

👍 2 reactions

2 people reacted

DOMPurify 2.3.6

16 Feb 07:19

cure53

2.3.6

c84f6e4

This commit was signed with the committer’s verified signature.

cure53 Cure53

GPG key ID: 5F0CDACD24BB6BF4

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

DOMPurify 2.3.6

Added an option to allow HTML5 doctypes, thanks @tosmolka
Bumped several dependencies, thanks @is2ei
Updated documentation to cover recently added flags, thanks @is2ei

Contributors

is2ei and tosmolka

Assets 2

All reactions

DOMPurify 2.3.5

26 Jan 14:05

cure53

2.3.5

8eab0ac

This commit was signed with the committer’s verified signature.

cure53 Cure53

GPG key ID: 5F0CDACD24BB6BF4

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

DOMPurify 2.3.5

Performed several chores and cleanups, thanks @is2ei
Fixed a bug when working with Trusted Types, thanks @tosmolka
Fixed a bug with weird behavior on insecure nodes in IN_PLACE mode, thanks @tosmolka
Added more SVG attributes to allow-list, thanks @rzhade3

Contributors

is2ei, rzhade3, and tosmolka

Assets 2

All reactions

Previous 1 2 3 4 5 6 7 … 12 13 Next

Previous Next

Footer

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.