Mercurial > genshi > mirror
comparison ChangeLog @ 556:0d98569eaced trunk
The HTML sanitizer now strips any CSS comments in style attributes, which could previously be used to hide malicious property values.
author | cmlenz |
---|---|
date | Tue, 03 Jul 2007 20:29:07 +0000 |
parents | 35dababa28d6 |
children | c17342ef9efb acf7c5ee36e7 |
comparison
equal
deleted
inserted
replaced
553:489a47873950 | 556:0d98569eaced |
---|---|
30 template is loaded (ticket #130). Note that the value for this option can | 30 template is loaded (ticket #130). Note that the value for this option can |
31 not be specified as a string, only as an actual function object, which means | 31 not be specified as a string, only as an actual function object, which means |
32 it is not available for use through configuration files. | 32 it is not available for use through configuration files. |
33 * The I18n filter now extracts messages from gettext functions even inside | 33 * The I18n filter now extracts messages from gettext functions even inside |
34 ignored tags (ticket #132). | 34 ignored tags (ticket #132). |
35 * The HTML sanitizer now strips any CSS comments in style attributes, which | |
36 could previously be used to hide malicious property values. | |
35 | 37 |
36 | 38 |
37 Version 0.4.2 | 39 Version 0.4.2 |
38 http://svn.edgewall.org/repos/genshi/tags/0.4.2/ | 40 http://svn.edgewall.org/repos/genshi/tags/0.4.2/ |
39 (Jun 20, from branches/stable/0.4.x) | 41 (Jun 20, from branches/stable/0.4.x) |