Posted By: Mike Dalessio
Date: 2010-02-02 15:36
Summary: loofah 0.4.6 Released
Project: Loofah

loofah version 0.4.6 has been released!

Loofah is a general library for manipulating HTML/XML documents and
fragments. It's built on top of Nokogiri and libxml2, so it's fast and
has a nice API.

Loofah excels at HTML sanitization (XSS prevention). It includes some
nice HTML sanitizers, which are based on HTML5lib's whitelist, so it
most likely won't make your codes less secure. (These statements have
not been evaluated by Netexperts.)

Changes:

## 0.4.4, 0.4.5, 0.4.6 (2010-02-01)

Enhancements:

* Loofah::HTML::Document#text and Loofah::HTML::DocumentFragment#text now escape HTML entities.

Bug fixes:

* Loofah::XssFoliate was not properly escaping HTML entities when implicitly scrubbing a string attribute. GH #17

Latest News
TZInfo::Data v1.2014.2 Released
    Philip Ross - 2014-03-25 22:32
TZInfo v0.3.39 Released
    Philip Ross - 2014-03-09 20:23
TZInfo::Data v1.2014.1 Released
    Philip Ross - 2014-03-09 20:00
Automatic Ruby 14.2.0 has been released!
    id 774 - 2014-02-26 06:23
kramdown 1.3.2 released
    Thomas Leitner - 2014-02-16 08:35

 

Forums | Admin

Discussion Forums: loofah-0-4-6-released

Start New Thread Start New Thread

 

Topic Topic Starter Replies Last Post