Loofah version 2.4.0 has been released.
This is a *feature* release and is *not* security-related.
- Docs: http://rubydoc.info/github/flavorjones/loofah/master/frames
- Mailing list: firstname.lastname@example.org
Loofah is a general library for manipulating and transforming HTML/XML
documents and fragments, built on top of Nokogiri.
Loofah excels at HTML sanitization (XSS prevention). It includes some nice
HTML sanitizers, which are based on HTML5lib's safelist, so it most likely
won't make your codes less secure. (These statements have not been
evaluated by Netexperts.)
ActiveRecord extensions for sanitization are available in the
loofah-activerecord gem <https://github.com/flavorjones/loofah-activerecord>
*## 2.4.0 / 2019-11-25*
- Allow CSS property max-width [#175] (Thanks, @bchaney!)
- Allow CSS sizes expressed in rem [#176, #177]
- Add frozen_string_literal: true magic comment to all lib files. [#118]