| mikesamuel | 0416a07 | 2011-08-02 17:12:38 +0000 | [diff] [blame] | 1 | <!DOCTYPE HTML><html><head> |
| 2 | <meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> |
| 3 | <title>OWASP Java HTML Sanitizer Change Log</title> |
| 4 | </head> |
| 5 | <body> |
| 6 | <h1>OWASP Java HTML Sanitizer Change Log</h1> |
| 7 | <ol> |
| mikesamuel | 358e071 | 2011-10-21 16:30:10 +0000 | [diff] [blame^] | 8 | <li value="83">Prevent DoS of browsers via extremely deeply nested |
| 9 | tags. In sanitized CSS, allow CSS property |
| 10 | <code>background-color</code> and<code>font-size</code>s specified |
| 11 | in <code>px</code>.</li> |
| mikesamuel | 80e7e75 | 2011-10-09 22:23:45 +0000 | [diff] [blame] | 12 | <li value="74">Added convenient pre-packaged policies in Sanitizers. |
| 13 | Fixed bug in how warnings are reported via the badHtml Handler.</li> |
| mikesamuel | a362ec3 | 2011-08-17 21:59:50 +0000 | [diff] [blame] | 14 | <li value="50">Better handling of supplementary codepoints to avoid |
| mikesamuel | 5d6c732 | 2011-08-17 21:57:54 +0000 | [diff] [blame] | 15 | UTF-16/UCS-2 confusion in browsers.</li> |
| mikesamuel | 797b5e2 | 2011-08-10 17:46:28 +0000 | [diff] [blame] | 16 | <li value="48">Added new HTML5 URL attributes to list used to |
| 17 | safeguard URL attributes in <code>HtmlPolicyBuilder</code>.</li> |
| mikesamuel | 0416a07 | 2011-08-02 17:12:38 +0000 | [diff] [blame] | 18 | <li value="42">Changed <code>HtmlSanitizer.sanitize</code> to allow |
| 19 | <code>null</code> as a valid value for the HTML snippet.</li> |
| 20 | </ol> |
| 21 | </body></html> |