Skip to content
Snippets Groups Projects
Commit 1fe7a4e8 authored by Peter Rotich's avatar Peter Rotich
Browse files

html: Decode html entities before sanitizing

Encoded entities can be used to bypass safety checks
Don't remove iframe when using xml_dom to balance tags
parent 9ebad3be
No related branches found
No related tags found
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment