1 <?xml version=
"1.0" encoding=
"UTF-8"?>
2 <!DOCTYPE html PUBLIC
"-//W3C//DTD XHTML 1.0 Transitional//EN"
3 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
5 xmlns=
"http://www.w3.org/1999/xhtml"
6 xmlns:
xi=
"http://www.w3.org/2001/XInclude"
7 xmlns:
xc=
"urn:xhtml-compiler"
11 <title>HTML Purifier
4.3.0 released - News - HTML Purifier
</title>
12 <xi:include href=
"common-meta.xml" xpointer=
"xpointer(/*/node())" />
16 <xi:include href=
"common-header.xml" xpointer=
"xpointer(/*/node())" />
19 <h1 id=
"title">HTML Purifier
4.3.0 released
</h1>
23 HTML Purifier
4.3.0 is a major security release addressing various
24 security vulnerabilities related to user-submitted code and legitimate
25 client-side scripts. It also contains an accumulation of new features
26 and bugfixes over half a year. New configuration options include
27 %CSS.Trusted, %CSS.AllowedFonts and %Cache.SerializerPermissions.
28 There is a backwards-incompatible API change for customized raw
29 definitions, see
<a href=
"http://htmlpurifier.org/docs/enduser-customize.html#optimized">the customization documentation for details
</a>.
33 href=
"http://repo.or.cz/w/htmlpurifier.git/blob/f1439f0af54ca21126546bba372a8cd4a72670c5:/NEWS">NEWS
</a>
34 for a complete changelog.