sanitize-html - npm Package Compare versions

Comparing version 2.1.0 to 2.1.1

4

CHANGELOG.md
# Changelog
## 2.1.1 (2020-10-21):
- Fixes a bug when using `allowedClasses` with an `'*'` wildcard selector. Thanks to [Clemens Damke](https://github.com/Cortys) for this contribution.
- Updates mocha to 7.x to resolve security warnings.
## 2.1.0 (2020-10-07):
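
Review bot: The 2.1.1 entry "Fixes a bug when using `allowedClasses` with an `'*'` wildcard selector" does not say what the bug did. For a sanitizer, readers need to know whether 2.1.0 let through classes it should have removed or removed classes it should have kept, since that decides how urgently to upgrade. Suggest adding one sentence that states the 2.1.0 behaviour.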

@@ -4,0 +8,0 @@ - `sup` added to the default allowed tags list. Thanks to [Julian Lam](https://github.com/julianlam) for the contribution.

@@ -373,3 +373,9 @@ const htmlparser = require('htmlparser2');

if (a === 'class') {
value = filterClasses(value, allowedClassesMap[name]);
const allowedSpecificClasses = allowedClassesMap[name];
const allowedWildcardClasses = allowedClassesMap['*'];
if (allowedSpecificClasses && allowedWildcardClasses) {
value = filterClasses(value, deepmerge(allowedSpecificClasses, allowedWildcardClasses));
} else {
value = filterClasses(value, allowedSpecificClasses || allowedWildcardClasses);
}
if (!value.length) {
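
Review bot: In the `else` branch, `allowedSpecificClasses || allowedWildcardClasses` is still `undefined` when neither the tag nor `'*'` has an entry, and what `filterClasses` does with an undefined allow list is not visible in this hunk. Please confirm what that case is meant to do and cover it with a test, alongside one for a tag that has both a specific entry and a `'*'` entry. Separately, `deepmerge(allowedSpecificClasses, allowedWildcardClasses)` runs for every `class` attribute encountered; both lists depend only on the options, so the merged list per tag could be computed once where `allowedClassesMap` is built.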

@@ -376,0 +382,0 @@ delete frame.attribs[a];

4

package.json
{
"name": "sanitize-html",
"version": "2.1.0",
"version": "2.1.1",
"description": "Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis",

@@ -41,5 +41,5 @@ "sideEffects": false,

"eslint-plugin-standard": "^4.0.1",
"mocha": "^5.2.0",
"mocha": "^7.0.0",
"sinon": "^9.0.2"
}
}
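
Review bot: `"mocha": "^7.0.0"` moves from `^5.2.0` across two major versions in one step. Suggest confirming that the test suite still runs on every Node.js version the project's CI covers, and naming the specific audit warning being resolved in the commit message or changelog so the motivation can be checked later.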

@@ -221,2 +221,9 @@ # sanitize-html

Similar to `allowedAttributes`, you can use `*` as a tag name, to allow listed classes to be valid for any tag:
```js
allowedClasses: {
'*': [ 'fancy', 'simple' ]
}
```
### Allowed CSS Styles
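
Review bot: The new `'*'` paragraph does not say how the wildcard list combines with a tag's own `allowedClasses` entry. The code change in this release merges the two lists with `deepmerge` when both exist, so suggest stating that a tag with its own entry accepts its listed classes plus the wildcard ones. Users who expect a tag entry to override `'*'` would otherwise allow more classes than they intended.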

@@ -223,0 +230,0 @@
