Skip to content
Snippets Groups Projects
Commit 46c705f4 authored by Peter Rotich's avatar Peter Rotich
Browse files

html: Decode html entities before sanitizing 

Encoded entities can be used to bypass safety checks
Don't remove iframe when using xml_dom to balance tags
parent 69f8a0a3
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment