issues
search
microcosm-cc
/
bluemonday
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
https://github.com/microcosm-cc/bluemonday
BSD 3-Clause "New" or "Revised" License
3.2k
stars
175
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
p.AllowDocType() opens a vector for inserting unsanitized HTML
#54
grafana-dee
closed
6 years ago
1
Allow css
#53
nixypanda
closed
6 years ago
1
Resolves #51 by permitting spaces in URLs within HTML
#52
grafana-dee
closed
6 years ago
1
Inline Images get stripped
#51
mstaack
closed
6 years ago
15
fix: xss black
#50
hsw409328
closed
6 years ago
2
Request: DisallowElements function
#49
joncalhoun
closed
6 years ago
4
Add ability to specify inline style policies
#48
pauln
opened
7 years ago
4
Remove .gitignore.
#47
dmitshur
closed
7 years ago
1
Fixed typo of LICENSE file
#46
dorsha
closed
7 years ago
0
Fixes 42 by using conditional compilation of tests
#45
grafana-dee
closed
7 years ago
0
Sanitize css properties of style attributes
#44
gerad
closed
6 years ago
3
css sanitization in style attributes
#43
gerad
opened
7 years ago
6
`make test` fails on master
#42
gerad
closed
7 years ago
4
Add center and marquee to whitelist
#41
bigshika
closed
7 years ago
0
Allow `RequireParsableURL` method to be applied selectively on tags.
#40
nixypanda
closed
7 years ago
1
Prevent escaping special characters
#39
xiam
closed
7 years ago
8
#37 case tag erroneously was 'javascript' not 'script'
#38
grafana-dee
closed
7 years ago
0
"javascript" in sanitize.go.
#37
nixypanda
closed
7 years ago
4
Resolves #35
#36
grafana-dee
closed
8 years ago
0
rel="noopener" should be added if target="_blank" is on a link
#35
grafana-dee
closed
8 years ago
2
Resolves #33
#34
grafana-dee
closed
8 years ago
0
Suggestion: Insert white space when stripping tags
#33
crantok
closed
8 years ago
5
Add method to keep tag content without tag
#32
nerandell
closed
8 years ago
0
Add method to keep tag content without tag
#31
Gufran
closed
8 years ago
2
Add OmitSkipElements method
#30
dhruvagarwal
closed
8 years ago
0
Allow all body/head/title and only do xss removal
#29
mstaack
closed
8 years ago
6
apostrophes get turned into HTML entities - '
#28
milne-dev
closed
8 years ago
5
gofmt -s
#27
shawnps
closed
8 years ago
4
typo
#26
shawnps
closed
8 years ago
2
Custom handlers
#25
CMogilko
closed
8 years ago
0
Custom handlers
#24
CMogilko
closed
8 years ago
8
skip elements content nested bug
#23
CMogilko
closed
9 years ago
1
fix bug with closingtagtoskip nested
#22
CMogilko
closed
9 years ago
0
skip nested tags by attrs bug
#21
CMogilko
closed
9 years ago
4
Access to setOfElementsWithoutAttrs and setOfElementsToSkipContent
#20
CMogilko
closed
9 years ago
0
AllowElements without attributes
#19
CMogilko
closed
9 years ago
5
Closing anchor and font tags mixed up
#18
wingedpig
closed
9 years ago
3
Update urls in tests for consistency.
#17
dmitshur
closed
9 years ago
2
Fix regexp that matches anything
#16
ghost
closed
9 years ago
2
Fix regexp
#15
ghost
closed
9 years ago
1
Enable Sourcegraph
#14
ritvik7
closed
9 years ago
1
Turn disallowed tags into html entities
#13
bigblind
closed
9 years ago
1
Force html attribute to specific values
#12
andyleap
closed
9 years ago
8
golang.org/x/net/html is obsoleted.
#11
facat
closed
9 years ago
6
Use new golang.org/x/... import paths.
#10
dmitshur
closed
9 years ago
1
Recent change results in html attributes potentially being repeated twice.
#9
dmitshur
closed
10 years ago
2
An undocumented difference between the three Sanitize* funcs.
#8
dmitshur
closed
10 years ago
4
Add AllowURLSchemeWithCustomPolicy() to allow external fine grain control over allowed URLs.
#7
dmitshur
closed
10 years ago
5
Feature Request: Ability for external packages to perform custom URL filtering.
#6
dmitshur
closed
10 years ago
4
Feature Request: Ability to filter URLs on a finer grained level.
#5
dmitshur
closed
10 years ago
8
Previous
Next