1 HTML Purifier 3.1.1 is a security and bugfix release. This release addresses
2 two security vulnerabilities, both related to CSS, and one of which only
3 applies to users using Shift_JIS as their output encoding. There is also
4 a security improvement regarding the imagecrash attack. There is a backwards
5 incompatible change in which resources are no longer munged
6 by default; please enable using %URI.MungeResources. Besides this, there
7 are numerous improvements to URI munging, esp. with the addition of
8 %URI.MungeSecretKey, as well as an experimental %HTML.SafeObject and %HTML.SafeEmbed.