New
Unclaimed project
Are you a maintainer of DOMPurify? Claim this project to take control of your public changelog and roadmap.
Changelog
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
mask-type attribute to default allow-list, thanks @prasadrajandranADD_ATTR and ADD_TAGS to accept functions, thanks @nelstromslot element being in both SVG and HTML allow-list, thanks @Wim-Valgaeren