phoenix_html v2.11.0 Release Notes
Release Date: 2018-03-09 // about 6 years ago-
✨ Enhancements
- Add date, datetime-local and time input types
- Enable string keys to be usable with forms
- Support carriage return in
text_to_html
- Add support for HTML5 boolean attributes to
content_tag
andtag
- Improve performance by relying on
html_safe_to_iodata/1
- Protect against CSRF tokens leaking across hosts when the POST URL is dynamic
- Require
to
attribute in links and buttons to explicitly pass protocols as a separate option for safety reasons
🐛 Bug fixes
- Guarantee
input_name/2
always returns strings - Improve handling of uncommon whitespace and null in
escape_javascript
- Escape value attribute so it is never treated as a boolean
- Guarantee
Backwards incompatible changes
- The :csrf_token_generator configuration in the Phoenix.HTML app no longer works due to the improved security mechanisms