mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2025-08-11 16:44:59 +02:00
Revamp entity decoding to be more like HTML5.
See %Core.LegacyEntityDecoder for more details. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
This commit is contained in:
Edward Z. Yang
4
NEWS
4
NEWS
@@ -32,6 +32,10 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
|
||||
rest of the text in case it ran off the end. (#78)
|
||||
- Fix PREG_BACKTRACK_LIMIT_ERROR in HTMLPurifier_Filter_ExtractStyle.
|
||||
Thanks @breathbath for contributing the report and fix (#120)
|
||||
- Fix entity decoding algorithm to be more conservative about
|
||||
decoding entities that are missing trailing semicolon.
|
||||
To get old behavior, set %Core.LegacyEntityDecoder to true.
|
||||
(#119)
|
||||
# By default, when a link has a target attribute associated
|
||||
with it, we now also add rel="noopener" in order to
|
||||
prevent the new window from being able to overwrite
|
||||
|
||||
Reference in New Issue
Block a user