-
Notifications
You must be signed in to change notification settings - Fork 200
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sanitize URL post-filter #156
Comments
Good idea, I've added both. This might be useful for other use cases as well. The args for the new event |
wow - thanks for the speedy reply |
@mganss Do you maintain the release notes for the security issues fixed for latest htmlsanitizer? |
@smitburde Release notes can be found at https:/mganss/HtmlSanitizer/releases (pretty spartan, I know :) |
Could you add a filtering callback event for SanitizedURL so that they could be filtered to prevent against XSRF or SSRF from valid URI attributes, or mark it as virtual so that it can be overwritten and extended in sub classes.
Or should requests like these come from pull requests?
The text was updated successfully, but these errors were encountered: