@lexical/html
Advanced tools
Changelog
0.10.0 (2023-04-18)
@lexical/link will now sanitize anchor tag hrefs before rendering them to the DOM. This provides a measure of protection against XSS attacks that rely on inlining javascript in that attribute. However, it means that links using less common protocols will now be sanitized (converted to about:blank), which will be a breaking change for any existing links.
Like most other node-based logic in Lexical, the sanitization logic can be overriden by overriding LinkNode using the Node Overrides API and replacing it with a node that implements the sanitizeUrl method differently.
Fixes CVE-2023-30792
Changelog
0.9.2 (2023-04-14)
aria-label
typo (#4229) Hao LuoChangelog
v0.9.1 (2023-03-24)
HorizontalRuleNode
(#4097) Chris MontroisaddUpdateListener
method in transforms doc (#4094) Kevin AnsfieldChangelog
v0.9.0 (2023-03-08)
Changelog
v0.8.1 (2023-02-22)
Changelog
v0.8.0 (2023-02-09)
This release includes some breaking changes, including:
- Remove of indentList
and outdentList
from @lexical/list
.
- Refactor of the LexicalContentEditable
types from @lexical/react
to make them more accurate with HTMLDivElement
attributes.
This release adds functionality to apply node transforms to node replacements, it allows users to specify tab indentation sizes, and improved support for tracking the origin of YJS updates for collaborative editing.
Changelog
v0.7.9 (2023-02-09)
Changelog
v0.7.8 (2023-02-08)
Changelog
v0.7.7 (2023-02-03)
createParentElementNode
method on LexicalNode to fix copy/paste issues with clipboard (#3800) John FlocktonChangelog
v0.7.6 (2023-01-10)