Workflow

Feedparser

Latest version: v6.0.11

Safety actively analyzes 682487 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 4 of 12

5.0.1

Not secure
==================

* Fix issue 91 (invalid text in XML declaration causes sanitizer to crash)
* Fix issue 254 (sanitization can be bypassed by malformed XML comments)
* Fix issue 255 (sanitizer doesn't strip unsafe URI schemes)

5.0

Not secure
================

* Improved MathML support
* Support microformats (rel-tag, rel-enclosure, xfn, hcard)
* Support IRIs
* Allow safe CSS through sanitization
* Allow safe HTML5 through sanitization
* Support SVG
* Support inline XML entity declarations
* Support unescaped quotes and angle brackets in attributes
* Support additional date formats
* Added the `request_headers` argument to parse()
* Added the `response_headers` argument to parse()
* Support multiple entry, feed, and source authors
* Officially make Python 2.4 the earliest supported version
* Support Python 3
* Bug fixes, bug fixes, bug fixes

4.2

================

* Support for parsing microformats, including rel=enclosure, rel=tag, XFN, and hCard.
* Updated the whitelist of acceptable HTML elements and attributes based on the latest draft of the HTML (HyperText Markup Language) 5 specification.
* Support for CSS sanitization. (Previous versions of Universal Feed Parser simply stripped all inline styles.) Many thanks to Sam Ruby for implementing this, despite my insistence that it was impossible.
* Support for SVG sanitation.
* Support for MathML sanitation. Many thanks to Jacques Distler for patiently debugging this feature.
* IRI (International Resource Identifier) support for every element that can contain a URI (Uniform Resource Identifier).
* Ability to disable relative URI resolution.
* Command-line arguments and alternate serializers, for manipulating Universal Feed Parser from shell scripts or other non-Python sources.
* More robust parsing of author email addresses, misencoded win-1252 content, rel=self links, and better detection of HTML content in elements with ambiguous content types.

4.1

Not secure
================

* Removed socket timeout
* Added support for chardet library

4.0.2

==================

* Cleared ``_debug`` flag.

4.0.1

==================

* Bug fixes for Python 2.1 compatibility.

Page 4 of 12

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.