sanitize-html - npm Package Compare versions

Comparing version 2.6.1 to 2.7.0

CHANGELOG.md
# Changelog
## 2.7.0 (2022-02-04)
- Allows a more sensible set of default attributes on `<img />` tags. Thanks to [Zade Viggers](https://github.com/zadeviggers).
## 2.6.1 (2021-12-08)
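
Review bot: the 2.7.0 entry says only "a more sensible set of default attributes" and does not name them, so a reader cannot tell from the changelog what the sanitizer now lets through. Suggest listing the additions (`srcset`, `alt`, `title`, `width`, `height`, `loading`) and stating that output changes for anyone who allows `img` themselves while keeping the default attribute list.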

@@ -4,0 +8,0 @@

index.js

@@ -783,6 +783,5 @@ const htmlparser = require('htmlparser2');

a: [ 'href', 'name', 'target' ],
// We don't currently allow img itself by default, but this
// would make sense if we did. You could add srcset here,
// and if you do the URL is checked for safety
img: [ 'src' ]
// We don't currently allow img itself by default, but
// these attributes would make sense if we did.
img: [ 'src', 'srcset', 'alt', 'title', 'width', 'height', 'loading' ]
},
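
Review bot: the rewritten comment above the `img` entry drops the sentence saying the `srcset` URL "is checked for safety", in the same change that makes `srcset` a default attribute. That sentence was the only reminder at this spot that `srcset` carries URLs and relies on that check; suggest keeping it in the new comment, for example by appending "the srcset URL is checked for safety" after "would make sense if we did."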

@@ -789,0 +788,0 @@ // Lots of these won't come up by default because we don't allow them

{
"name": "sanitize-html",
"version": "2.6.1",
"version": "2.7.0",
"description": "Clean up user-submitted HTML, preserving allowlisted elements and allowlisted attributes on a per-element basis",

@@ -5,0 +5,0 @@ "sideEffects": false,

@@ -131,6 +131,5 @@ # sanitize-html

a: [ 'href', 'name', 'target' ],
// We don't currently allow img itself by default, but this
// would make sense if we did. You could add srcset here,
// and if you do the URL is checked for safety
img: [ 'src' ]
// We don't currently allow img itself by default, but
// these attributes would make sense if we did.
img: [ 'src', 'srcset', 'alt', 'title', 'width', 'height', 'loading' ]
},

@@ -137,0 +136,0 @@ // Lots of these won't come up by default because we don't allow them
