search

cure53 / DOMPurify

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
https://cure53.de/purify
Other
13.61k stars 695 forks source link

Update attrs.js #926

Closed ghost closed 5 months ago

ghost commented 5 months ago

Add the wrap HTML attribute per issue #925.

Summary

It looks like DOMPurify is removing the wrap attribute on elements like <textarea>. Since this has no security-related issues, we can safely add it.