search

microcosm-cc / bluemonday

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
https://github.com/microcosm-cc/bluemonday
BSD 3-Clause "New" or "Revised" License
3.12k stars 176 forks source link

Fix incorrect handling of iframe SandboxValues #138

Closed kiwiz closed 2 years ago

kiwiz commented 2 years ago

Follow up fix for https://github.com/microcosm-cc/bluemonday/pull/136.

RequireSandboxOnIFrame was incorrectly using the index of the passed in sandbox values instead of the actual value. :/

buro9 commented 2 years ago

Thank you :)