20 Commits

Author	SHA1	Message	Date
Régis Hanol	c7330ed73f	BUGFIX: errors when post-processing 'data images'	2014-07-18 17:54:18 +02:00
Sam	de7e6a9545	Feature: allow mods to cut pinned topic excerpts	2014-07-17 21:32:37 +10:00
Sam	91cd4f2d66	SECURITY: improve escaping protection	2014-07-17 16:11:10 +10:00
Sam	c12a131fb4	SECURITY: sanitizer allowing invalid attributes	2014-07-17 16:11:09 +10:00
Régis Hanol	a9342dbf92	SECURITY: fix XSS in link's href	2014-07-15 16:11:37 +02:00
Jason Taylor	df2c259836	BUGFIX: exception validating 'data-' attributes	2014-07-14 17:43:38 -07:00
Robin Ward	1886ffaff2	FIX: Work with phpBB import style links with ellipsis	2014-07-14 14:27:17 -04:00
Robin Ward	186ce78cb5	FIX: BBCode sanitization and tests	2014-07-14 11:24:25 -04:00
Sam	d54c28adc1	FIX: better whitelisting	2014-07-10 09:59:54 +10:00
Sam	9828a268b9	Fix: whitelist regex for bbcode too wide	2014-07-10 09:17:04 +10:00
Régis Hanol	6b45b635f8	FIX: properly whitelist <code> classes needed for syntax highlighting	2014-07-09 16:27:47 +02:00
Sam	9ffcbfca98	FIX: disable whitelist temporarily ... more complete fix to follow	2014-07-09 22:13:27 +10:00
Sam	fcbc7729b6	FIX: missing BBCODE whitelists ... FEATURE: ability whitelist a RegExp	2014-07-08 10:33:59 +10:00
Robin Ward	fc1ce96dbb	FIX: Change the approach to sanitization. Includes a more detailed API ... for allowing classes and attributes for only certain tag names.	2014-07-03 16:55:36 -04:00
Régis Hanol	c97de2c449	BUGFIX: markdown sanitize on null/undefined text	2014-05-14 12:14:33 +02:00
Régis Hanol	5edec22e28	fix the build	2014-03-27 16:57:46 +01:00
riking	593f5df503	Corrections to JSDoc	2014-03-18 18:19:20 -07:00
Vikhyat Korrapati	fad88c6cf3	Fix sanitization of smileys like <_< and <3.	2014-01-26 18:38:47 +05:30
Régis Hanol	9b6538832d	whitelist google.com/maps iframes	2013-11-29 18:08:53 +01:00
Robin Ward	9adcd1579d	Renamed components to lib in the JS project, as Ember has components and they mean something different.	2013-10-24 12:36:46 -04:00