Aug. 26, 2022
2:05 p.m.
On Fri, 26 Aug 2022 07:47:53 +0200, Xavier Morel wrote:
The way to do that would be to contact Stefan Behnel (https://github.com/scoder) directly.
Perfect, thanks!
As a result I would assume any security report on the cleaner will be pointed to the sign, and told to use mozilla/bleach or somesuch (though bleach still direly needs a fast HTML5 parser)
Interesting. I have some thoughts (perhaps for a different thread) on how to get the best of both worlds for some common use-cases. But in the meantime I'll look into switching to bleach for the security use-case that led me to finding the issues. :-) - Tim McCormack