kpriv
/
pkgsrc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
pkgsrc/www/lua-web-sanitize
History
nia cd5df3a0d3 lua-web-sanitize: update to 1.4.0 
Stricter attribute value escaping

This is a critical update if you are using a custom white list with iframe
elements allowed. Due to their non-standard parsing within browsers it
maybe be possible to craft HTML to bypass sanitization by using an element
with an attribute value of a closing iframe tag. Those using the default
whitelist are not affected.
 		2023-02-01 12:36:06 +00:00
..
DESCR
Makefile lua-web-sanitize: update to 1.4.0 2023-02-01 12:36:06 +00:00
PLIST
distinfo lua-web-sanitize: update to 1.4.0 2023-02-01 12:36:06 +00:00