Mercurial > genshi > genshi-test
comparison ChangeLog @ 556:d5cb5c200045
The HTML sanitizer now strips any CSS comments in style attributes, which could previously be used to hide malicious property values.
| author | cmlenz |
|---|---|
| date | Tue, 03 Jul 2007 20:29:07 +0000 |
| parents | ed5a6d9e2767 |
| children | 4cbd8031ed76 f0bb2c5ea0ff |
comparison
equal
deleted
inserted
replaced
| 553:887bbbfa4098 | 556:d5cb5c200045 |
|---|---|
| 30 template is loaded (ticket #130). Note that the value for this option can | 30 template is loaded (ticket #130). Note that the value for this option can |
| 31 not be specified as a string, only as an actual function object, which means | 31 not be specified as a string, only as an actual function object, which means |
| 32 it is not available for use through configuration files. | 32 it is not available for use through configuration files. |
| 33 * The I18n filter now extracts messages from gettext functions even inside | 33 * The I18n filter now extracts messages from gettext functions even inside |
| 34 ignored tags (ticket #132). | 34 ignored tags (ticket #132). |
| 35 * The HTML sanitizer now strips any CSS comments in style attributes, which | |
| 36 could previously be used to hide malicious property values. | |
| 35 | 37 |
| 36 | 38 |
| 37 Version 0.4.2 | 39 Version 0.4.2 |
| 38 http://svn.edgewall.org/repos/genshi/tags/0.4.2/ | 40 http://svn.edgewall.org/repos/genshi/tags/0.4.2/ |
| 39 (Jun 20, from branches/stable/0.4.x) | 41 (Jun 20, from branches/stable/0.4.x) |