Changes for version 1.02 - 2009-08-24
- add col and colgroup as possible ImplicitOpenTags
- change to prevent double-defang by default. Add option to allow it.
- open a new <tr>, not a <tbody> if we need to open an implicit tag
- add tbody back into list of implicit table tags
- include & ... ; when encoding entity in new attributes
- don't insert implicit open tag if it's the tag we actually just parsed
- avoid excessive backtracking on some style tags. cleanup unquoting code
- track tt blocks as well
- add more tags to track
- more quoting fixes
- expand html entities in styles as well
- don't unescape % sequences in URLs, just in stripped test value
- in attributes, % sequences are only every 2 chars
Modules
Cleans HTML as well as CSS of scripting and other executable contents, and neutralises XSS attacks.