jsoup 1.15.3 is out now, and includes a security fix for potential XSS attacks, along with other bug fixes and improvements, including more descriptive validation error messages.
Improvement: in Jsoup.connect(), added support for request-level authentication, supporting authentication to
proxies and to servers.
jhy/jsoup#2046
Improvement: in the Elements list, added direct support for #set(index, element), #remove(index),
#remove(object), #clear(), #removeAll(collection), #retainAll(collection), #removeIf(filter),
#replaceAll(operator). These methods update the original DOM, as well as the Elements list.
jhy/jsoup#2017
Improvement: added the NodeIterator class, to efficiently traverse a node tree using the Iterator interface. And
added Stream Element#stream() and Node#nodeStream() methods, to enable fluent composable stream pipelines of node
traversals.
jhy/jsoup#2051
Improvement: when changing the OutputSettings syntax to XML, the xhtml EscapeMode is automatically set by default.
Improvement: added the :is(selector list) pseudo-selector, which finds elements that match any of the selectors in
the selector list. Useful for making large ORed selectors more readable.
Improvement: repackaged the library with native (vs automatic) JPMS module support.
jhy/jsoup#2025
Improvement: better fidelity of source positions when tracking is enabled. And implicitly created or closed elements
are tracked and detectable via Range.isImplicit().
jhy/jsoup#2056
Improvement: when source tracking is enabled, the source position for attribute names and values is now available.
Attribute#sourceRange() provides the ranges.
jhy/jsoup#2057
Improvement: when running concurrently under Java 21+ Virtual Threads, virtual threads could be pinned to their
carrier platform thread when parsing an input stream. To improve performance, particularly when parsing fetched
URLs, the internal ConstrainableInputStream has been replaced by ControllableInputStream, which avoids the locking
which caused that pinning.
jhy/jsoup#2054
Bugfix: when outputting with XML syntax, HTML elements that were parsed as data nodes ( and ) should
be emitted as CDATA nodes, so that they can be parsed correctly by an XML parser.
jhy/jsoup#1720
Bugfix: the Immediate Parent selector > could match elements above the root context element, causing incorrect
elements to be returned when used on elements other than the root document.
jhy/jsoup#2018
Bugfix: in a sub-query such as p:has(> span, > i), combinators following the , Or combinator would be
incorrectly skipped, such that the sub-query was parsed as i instead of > i.
jhy/jsoup#1707
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bit4woo/domain_hunter_pro/network/alerts).
Bumps org.jsoup:jsoup from 1.14.3 to 1.15.3.
Release notes
Sourced from org.jsoup:jsoup's releases.
Changelog
Sourced from org.jsoup:jsoup's changelog.
... (truncated)
Commits
c596417
[maven-release-plugin] prepare release jsoup-1.15.3d2d9ac3
Changelog for URL cleaner improvement4ea768d
Strip control characters from URLs when resolving absolute URLs985f1fe
Include help link for malformed URLs6b67d05
Improved Validate error messages653da57
Normalized API doc link5ed84f6
Simplified the Test Server startupc58112a
Set the read size correctly when cappedfa13c80
Added jar manifest default implementation entries.5b19390
Bump maven-resources-plugin from 3.2.0 to 3.3.0 (#1814)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show