issues
search
microcosm-cc
/
bluemonday
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
https://github.com/microcosm-cc/bluemonday
BSD 3-Clause "New" or "Revised" License
3.04k
stars
178
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
multiple matching global matchers can cause duplicated attributes
#208
rmmh
closed
3 days ago
1
Support four-value syntax for CSS hex color
#207
silverwind
closed
3 days ago
1
Fix typos
#206
deining
closed
3 months ago
1
Filter multiple class values through whitelist
#205
Liuxc95
opened
4 months ago
0
Bump golang.org/x/net from 0.17.0 to 0.20.0
#204
dependabot[bot]
closed
3 days ago
1
New maintainers for bluemonday in 2024
#203
buro9
opened
6 months ago
1
chore: go mod tidy
#202
caarlos0
closed
3 days ago
2
<a> tags in tables not matched correctly
#201
matloob
opened
7 months ago
1
Bump golang.org/x/net from 0.17.0 to 0.19.0
#200
dependabot[bot]
closed
5 months ago
1
helpers: apply id and lang attr regexps to full string
#198
matloob
opened
7 months ago
0
Bump golang.org/x/net from 0.17.0 to 0.18.0
#197
dependabot[bot]
closed
7 months ago
1
SVG policy
#196
kensanata
closed
2 months ago
1
Revert dependency on Go 1.21
#195
twpayne
closed
8 months ago
1
Update deps and resolve staticcheck messages
#193
buro9
closed
8 months ago
0
chore: remove refs to deprecated io/ioutil
#192
testwill
closed
8 months ago
1
Bump golang.org/x/net from 0.14.0 to 0.17.0
#191
dependabot[bot]
closed
8 months ago
2
[Fuzzing] add fuzz testing support
#190
0x34d
closed
9 months ago
1
Bump golang.org/x/net from 0.14.0 to 0.16.0
#189
dependabot[bot]
closed
9 months ago
1
Option to add spaces
#188
jonathan-wondereur
closed
9 months ago
2
Bump golang.org/x/net from 0.14.0 to 0.15.0
#187
dependabot[bot]
closed
9 months ago
1
Bump golang.org/x/net from 0.12.0 to 0.14.0
#186
dependabot[bot]
closed
11 months ago
0
How to retain URL?
#185
psic4t
closed
11 months ago
1
Bump golang.org/x/net from 0.12.0 to 0.13.0
#184
dependabot[bot]
closed
11 months ago
1
Sanitization removes spacing
#183
atombender
closed
11 months ago
1
Prefer explicit rules over regexp
#182
KN4CK3R
closed
11 months ago
1
chore: use strings.EqualFold instead
#181
testwill
closed
11 months ago
1
chore: remove refs to deprecated io/ioutil
#180
testwill
closed
11 months ago
1
Added src rewriter
#179
yyewolf
closed
11 months ago
0
Bump golang.org/x/net from 0.10.0 to 0.12.0
#178
dependabot[bot]
closed
11 months ago
0
Bump golang.org/x/net from 0.10.0 to 0.11.0
#176
dependabot[bot]
closed
1 year ago
1
Allow custom URL schemes by matching regex
#175
yardenshoham
closed
1 year ago
0
Is there a way to allow all URL schemes?
#174
yardenshoham
closed
1 year ago
3
Bump golang.org/x/net from 0.8.0 to 0.10.0
#173
dependabot[bot]
closed
1 year ago
0
Fix parsing style attribute with trailing spaces
#172
sergeyfedotov
closed
1 year ago
1
Trailing spaces in style attributes break sanitizing
#171
sergeyfedotov
closed
1 year ago
0
Strip only single attribute
#170
bohrasankalp
closed
1 year ago
3
Error when using & and amp in url
#169
aimustaev
opened
1 year ago
0
Bump golang.org/x/net from 0.8.0 to 0.9.0
#168
dependabot[bot]
closed
1 year ago
1
feat: remove style tags from unsafe
#167
mariuspot
closed
1 year ago
0
Add url prefix for tags such as `a`, `img` and `iframe`
#166
zyxkad
closed
1 year ago
3
Upgrade golang.org/x/net to 0.8.0
#165
barshociaj
closed
1 year ago
0
Bump golang.org/x/net from 0.0.0-20221002022538-bcab6841153b to 0.8.0
#164
dependabot[bot]
closed
1 year ago
1
Bump golang.org/x/net from 0.0.0-20221002022538-bcab6841153b to 0.7.0
#163
dependabot[bot]
closed
1 year ago
1
Add picture to allowlist of elements that do not need attributes to resolve #161
#162
buro9
closed
1 year ago
0
Can't allow `<picture>` and `<source>`
#161
felixfbecker
closed
1 year ago
1
Way to skip html escaping code blocks?
#160
ivanjaros
opened
1 year ago
1
Sanitize only what is disallowed
#159
aviadl
closed
1 year ago
1
Paragraph sanitization (e.g. img.alt) is too restrictive, disallows punctuation
#158
palant
opened
1 year ago
0
Test case not sanitising
#157
aaronpcz
opened
1 year ago
1
Go ParseThru vulnerability
#156
f-hluchnik
closed
1 year ago
2
Next