Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / microcosm-cc/bluemonday issues and pull requests

#208 - multiple matching global matchers can cause duplicated attributes

Issue - State: closed - Opened by rmmh 4 months ago - 1 comment

#207 - Support four-value syntax for CSS hex color

Pull Request - State: closed - Opened by silverwind 6 months ago - 1 comment

#206 - Fix typos

Pull Request - State: closed - Opened by deining 7 months ago - 1 comment

#205 - Filter multiple class values through whitelist

Issue - State: open - Opened by Liuxc95 7 months ago

#204 - Bump golang.org/x/net from 0.17.0 to 0.20.0

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 1 comment
Labels: dependencies

#203 - New maintainers for bluemonday in 2024

Issue - State: open - Opened by buro9 9 months ago - 1 comment

#202 - chore: go mod tidy

Pull Request - State: closed - Opened by caarlos0 10 months ago - 2 comments

#201 - <a> tags in tables not matched correctly

Issue - State: open - Opened by matloob 10 months ago - 1 comment

#200 - Bump golang.org/x/net from 0.17.0 to 0.19.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 1 comment
Labels: dependencies

#198 - helpers: apply id and lang attr regexps to full string

Pull Request - State: open - Opened by matloob 10 months ago

#197 - Bump golang.org/x/net from 0.17.0 to 0.18.0

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 1 comment
Labels: dependencies

#196 - SVG policy

Issue - State: closed - Opened by kensanata 11 months ago - 1 comment

#195 - Revert dependency on Go 1.21

Pull Request - State: closed - Opened by twpayne 11 months ago - 1 comment

#193 - Update deps and resolve staticcheck messages

Pull Request - State: closed - Opened by buro9 12 months ago

#192 - chore: remove refs to deprecated io/ioutil

Pull Request - State: closed - Opened by testwill 12 months ago - 1 comment

#191 - Bump golang.org/x/net from 0.14.0 to 0.17.0

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 2 comments
Labels: dependencies

#190 - [Fuzzing] add fuzz testing support

Pull Request - State: closed - Opened by 0x34d 12 months ago - 1 comment

#189 - Bump golang.org/x/net from 0.14.0 to 0.16.0

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 1 comment
Labels: dependencies

#188 - Option to add spaces

Issue - State: closed - Opened by jonathan-wondereur almost 1 year ago - 2 comments

#187 - Bump golang.org/x/net from 0.14.0 to 0.15.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies

#186 - Bump golang.org/x/net from 0.12.0 to 0.14.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies

#185 - How to retain URL?

Issue - State: closed - Opened by psic4t about 1 year ago - 1 comment

#184 - Bump golang.org/x/net from 0.12.0 to 0.13.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies

#183 - Sanitization removes spacing

Issue - State: closed - Opened by atombender about 1 year ago - 1 comment

#182 - Prefer explicit rules over regexp

Pull Request - State: closed - Opened by KN4CK3R about 1 year ago - 1 comment

#181 - chore: use strings.EqualFold instead

Pull Request - State: closed - Opened by testwill about 1 year ago - 1 comment

#180 - chore: remove refs to deprecated io/ioutil

Pull Request - State: closed - Opened by testwill about 1 year ago - 1 comment

#179 - Added src rewriter

Pull Request - State: closed - Opened by yyewolf about 1 year ago

#178 - Bump golang.org/x/net from 0.10.0 to 0.12.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies

#176 - Bump golang.org/x/net from 0.10.0 to 0.11.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies

#175 - Allow custom URL schemes by matching regex

Pull Request - State: closed - Opened by yardenshoham over 1 year ago

#174 - Is there a way to allow all URL schemes?

Issue - State: closed - Opened by yardenshoham over 1 year ago - 3 comments

#173 - Bump golang.org/x/net from 0.8.0 to 0.10.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies

#172 - Fix parsing style attribute with trailing spaces

Pull Request - State: closed - Opened by sergeyfedotov over 1 year ago - 1 comment

#171 - Trailing spaces in style attributes break sanitizing

Issue - State: closed - Opened by sergeyfedotov over 1 year ago

#170 - Strip only single attribute

Issue - State: closed - Opened by bohrasankalp over 1 year ago - 3 comments

#169 - Error when using & and amp in url

Issue - State: open - Opened by aimustaev over 1 year ago

#168 - Bump golang.org/x/net from 0.8.0 to 0.9.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies

#167 - feat: remove style tags from unsafe

Pull Request - State: closed - Opened by mariuspot over 1 year ago

#166 - Add url prefix for tags such as `a`, `img` and `iframe`

Issue - State: closed - Opened by zyxkad over 1 year ago - 3 comments

#165 - Upgrade golang.org/x/net to 0.8.0

Pull Request - State: closed - Opened by barshociaj over 1 year ago

#164 - Bump golang.org/x/net from 0.0.0-20221002022538-bcab6841153b to 0.8.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies

#163 - Bump golang.org/x/net from 0.0.0-20221002022538-bcab6841153b to 0.7.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies

#161 - Can't allow `<picture>` and `<source>`

Issue - State: closed - Opened by felixfbecker over 1 year ago - 1 comment

#160 - Way to skip html escaping code blocks?

Issue - State: open - Opened by ivanjaros over 1 year ago - 1 comment

#159 - Sanitize only what is disallowed

Issue - State: closed - Opened by aviadl over 1 year ago - 1 comment

#157 - Test case not sanitising

Issue - State: open - Opened by aaronpcz almost 2 years ago - 1 comment

#156 - Go ParseThru vulnerability

Issue - State: closed - Opened by f-hluchnik almost 2 years ago - 2 comments

#155 - How to disallow emoji?

Issue - State: closed - Opened by ivanjaros almost 2 years ago - 1 comment

#154 - Translates string characters to html code

Issue - State: closed - Opened by GuillemXanxo almost 2 years ago - 2 comments

#153 - Add callback function before parsing the attributes of an element

Pull Request - State: open - Opened by onthegit almost 2 years ago

#152 - How to get tel: links to not be removed?

Issue - State: closed - Opened by clarencefoy almost 2 years ago - 2 comments

#151 - Don't write self-closing tag with empty attributes

Pull Request - State: closed - Opened by Gusted almost 2 years ago - 1 comment

#150 - Allow Formatted Email Addresses

Issue - State: closed - Opened by teschste-reyrey about 2 years ago - 4 comments

#149 - Can I use bluemonday to remove certain links?

Issue - State: closed - Opened by akfaew about 2 years ago - 1 comment

#148 - Bump golang.org/x/net to latest

Pull Request - State: closed - Opened by zhsj about 2 years ago - 1 comment

#147 - AllowNoAttrs doesn't work with Matching

Issue - State: closed - Opened by MrParano1d over 2 years ago - 2 comments

#146 - Add SVG+XML type support to the dataURIImagePrefix

Issue - State: closed - Opened by EvgenMatiola99 over 2 years ago - 1 comment

#145 - Detecting when sanitization triggered for an input

Issue - State: closed - Opened by jimmiebtlr over 2 years ago - 1 comment

#144 - What is this project’s license?

Issue - State: closed - Opened by alexec over 2 years ago - 3 comments

#143 - Double escaping attribute values

Issue - State: closed - Opened by jtran over 2 years ago - 2 comments

#142 - css: improve RGB hex color and length matching

Pull Request - State: closed - Opened by hochhaus over 2 years ago - 3 comments

#141 - Allow DataUri for an audio Element

Issue - State: closed - Opened by aoshi321 over 2 years ago

#140 - Only adding target="_blank" but not modifying any other HTML

Issue - State: closed - Opened by ColdHeat over 2 years ago - 1 comment

#139 - how to avoid the escape attributes when has allowed

Issue - State: closed - Opened by madneal over 2 years ago - 1 comment

#138 - Fix incorrect handling of iframe SandboxValues

Pull Request - State: closed - Opened by kiwiz over 2 years ago - 1 comment

#137 - Add the supplement of escaping in README.md

Pull Request - State: closed - Opened by yar2001 over 2 years ago - 1 comment

#136 - Add RequireSandboxOnIFrame

Pull Request - State: closed - Opened by kiwiz almost 3 years ago - 3 comments

#135 - Support for the `<iframe>` `sandbox` attribute

Issue - State: closed - Opened by kiwiz almost 3 years ago - 5 comments

#134 - SanitizeReaderToWriter is REALLY slow

Issue - State: closed - Opened by natefinch almost 3 years ago - 2 comments

#132 - Outputting link href attribute in brackets after link text

Issue - State: closed - Opened by ghost about 3 years ago - 2 comments

#131 - How would I go about letting only a specific class through?

Issue - State: closed - Opened by clarencefoy about 3 years ago - 1 comment

#130 - How to disallow attr?

Issue - State: closed - Opened by Lolioy about 3 years ago - 2 comments

#129 - Allow target="_blank"

Issue - State: closed - Opened by inliquid about 3 years ago - 5 comments

#128 - CI enforce code format

Pull Request - State: closed - Opened by 6543 about 3 years ago - 4 comments

#127 - Revert "Fix spelling"

Pull Request - State: closed - Opened by buro9 over 3 years ago

#126 - Fix spelling

Pull Request - State: closed - Opened by jbampton over 3 years ago

#125 - Additive policies

Pull Request - State: closed - Opened by KN4CK3R over 3 years ago - 3 comments

#124 - Minor re-org to improve documentation readability

Pull Request - State: closed - Opened by buro9 over 3 years ago

#123 - Base64 data URIs with linebreaks

Pull Request - State: closed - Opened by KN4CK3R over 3 years ago - 1 comment

#122 - Data URIs with whitespaces

Issue - State: closed - Opened by KN4CK3R over 3 years ago - 3 comments

#121 - Resolves #95 by allowing HTML comments

Pull Request - State: closed - Opened by buro9 over 3 years ago

#120 - How to add a rule to allow some tags based on `src`

Issue - State: closed - Opened by inliquid over 3 years ago - 2 comments

#119 - Can't add tags

Issue - State: closed - Opened by ghost over 3 years ago - 3 comments

#118 - Update x/net package to latest version

Pull Request - State: closed - Opened by meinenec over 3 years ago - 1 comment

#117 - Parsing Issue handling self closing html tag

Issue - State: closed - Opened by sjawaji over 3 years ago - 1 comment

#116 - undefined: strings.Builder

Issue - State: closed - Opened by anrizal over 3 years ago - 2 comments

#115 - Sanitize should not add forcibly add values to query components

Pull Request - State: closed - Opened by zeripath over 3 years ago - 3 comments

#114 - douceur entries in go.mod

Issue - State: closed - Opened by udf2457 over 3 years ago - 1 comment

#113 - Add test for GH-Actions

Pull Request - State: closed - Opened by 6543 over 3 years ago - 3 comments

#112 - Resolves #111 carefully escape tag names

Pull Request - State: closed - Opened by buro9 over 3 years ago

#111 - Regression of #56 - strings.ToLower allows input of SCRIPT tag

Issue - State: closed - Opened by buro9 over 3 years ago

#110 - Add function to sanitize to writer directly

Pull Request - State: closed - Opened by zeripath over 3 years ago - 3 comments

#109 - Double quotation marks parse error

Issue - State: closed - Opened by gozelus over 3 years ago - 5 comments

#108 - Closed #107

Pull Request - State: closed - Opened by nim4 over 3 years ago - 1 comment

#107 - Add crossorigin

Issue - State: closed - Opened by nim4 over 3 years ago

#106 - Add/Fix CI

Issue - State: closed - Opened by 6543 almost 4 years ago

#105 - Fix the bug that sanitizedUrl will change the order of the link

Pull Request - State: closed - Opened by lunny almost 4 years ago