Sanitize

Description

Sanitize is a whitelist-based sanitizer.

Applicability: Typical usage is sanitizing user comments in sites, blogs or social applications. It could also bring some peace of mind if it's used on all of the application's input (like we do at flowing for airflowing and all our apps). You send Sanitize a raw piece of HTML and you get back a filtered result that should be safe.

OMG I've found a vulnerability, what should I do?!

Okay, don't panic, and don't shout it loud, otherwise the bastards will be listening (to you) for how to exploit it. We don't want that. Can you hold it for a minute for the greater good?

For security reasons, a found vulnerability is valuable, and it would be nice if you DON'T FREAKING PUBLISH anything describing it. Okay? If you publish security issues you'll be exposing other people to unnecessary risks. So it's important. Please be responsible with your community.

The best thing you can do is to inform the people involved in improving the security. That would be the maintainers of this package. So, you can contact sebastian using seb at sebastianconcept.com, or any other maintainers.

Once the patch is made and published, I promise you'll still have intact all the moral credit for the heads up for the community. And what's even more... if you implement a qualified patch you'll be our hero (or heroine). Please be our hero (exactly: be that instead of a bastard). We need that. Thanks.

Here is how you can contribute:

1. Control your anxiety, because you can't think properly (not to mention make decent code) with it. Just think that life will continue. You'll see.
2. Using a Monticello package, make the best code you can for fixing that issue.
3. Include tests (so everybody can see you are a citizen able to do their own homework). You can even start by making the test that reveals the problem.
4. Good enough is good enough. Perfect is the enemy of good enough. Elegant is cool, but (for security and health) being pragmatic comes first. It's okay if you just send a test.
5. Email the package to sebastian to seb

Details

Source
SqueakSource

Categories

Testing, System / OS, Language Extensions, Concurrency, Packaging / VCS