Mercurial > genshi > genshi-test
diff ChangeLog @ 556:d5cb5c200045
The HTML sanitizer now strips any CSS comments in style attributes, which could previously be used to hide malicious property values.
author | cmlenz |
---|---|
date | Tue, 03 Jul 2007 20:29:07 +0000 |
parents | ed5a6d9e2767 |
children | 4cbd8031ed76 f0bb2c5ea0ff |
line wrap: on
line diff
--- a/ChangeLog +++ b/ChangeLog @@ -32,6 +32,8 @@ it is not available for use through configuration files. * The I18n filter now extracts messages from gettext functions even inside ignored tags (ticket #132). + * The HTML sanitizer now strips any CSS comments in style attributes, which + could previously be used to hide malicious property values. Version 0.4.2