loofah version 2.2.0 has been released!
Loofah is a general library for manipulating and transforming HTML/XML
documents and fragments. It's built on top of Nokogiri and libxml2, so
it's fast and has a nice API.
Loofah excels at HTML sanitization (XSS prevention). It includes some
nice HTML sanitizers, which are based on HTML5lib's whitelist, so it
most likely won't make your codes less secure. (These statements have
not been evaluated by Netexperts.)
ActiveRecord extensions for sanitization are available in the
## 2.2.0 / 2018-02-11
* Support HTML5 `<main>` tag. #133 (Thanks, @MothOnMars!)
* Recognize HTML5 block elements. #136 (Thanks, @MothOnMars!)
* Support SVG `<symbol>` tag. #131 (Thanks, @baopham!)
* Support for whitelisting CSS functions, initially just `calc` and `rgb`.
#122/#123/#129 (Thanks, @NikoRoberts!)
* Whitelist CSS property `list-style-type`. #68/#137/#142 (Thanks,
@andela-ysanni and @NikoRoberts!)
* Properly handle nested `script` tags. #127.