This repository was archived by the owner on Jul 15, 2019. It is now read-only.
This repository was archived by the owner on Jul 15, 2019. It is now read-only.
vulnerability found in auto double quoting feature. #17
<img src="x" id='" onerror="alert(1)' />it's not vulnerable itself. but after purification, it becomes
<img src="x" id="" onerror="alert(1)" />this boils down to the problem of always using double quote in html purifier since v1.0
https://github.com/yahoo/html-purify/blob/v1.0.0/src/html-purify.js#L66
reported here as recommended by @yukinying