Merge pull request #71 from neraliu/context-parser-2

bump up the version to version 1.0.4 and README touch up
YahooArchive · Jun 15, 2015 · 5338907 · 5338907
2 parents b435da1 + a7927f7
commit 5338907
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -84,9 +84,9 @@ npm test
 
 [![Build Status](https://travis-ci.org/yahoo/secure-handlebars.svg?branch=master)](https://travis-ci.org/yahoo/secure-handlebars)
 
-### Known Issues
+### Known Limitations & Issues
 - Templates MUST be in UTF-8 encoding and using HTML 5 doctype (i.e., <!doctype html>).
-- We handle the HTML contextual analysis right now, and provide no support to the JavaScript and CSS contexts yet.
+- We handle the HTML contextual analysis right now, and provide no support to the JavaScript yet. For CSS context, we support output expression at style attribute value ONLY.
 - Our approach involves only static analysis on the template files, and thus data dynamically binded through raw output expressions that may alter the execution context on the rendered HTML CANNOT be taken into account.
 - We now assume that {{>partial}} and {{{{rawblock}}}} is always placed in the HTML Data context, and by itself will result in the same Data context after its binding (hence, in-state and out-state are both of the data context). 
 

diff --git a/bower.json b/bower.json
@@ -1,6 +1,6 @@
 {
   "name": "secure-handlebars",
-  "version": "1.0.2",
+  "version": "1.0.4",
   "main": "dist/secure-handlebars.min.js",
   "authors": [
     "Adonis Fung <[email protected]>",

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "secure-handlebars",
-  "version": "1.0.3",
+  "version": "1.0.4",
   "licenses": [
     {
       "type": "BSD",
@@ -41,7 +41,7 @@
     "test": "grunt test"
   },
   "dependencies": {
-    "context-parser": "^1.1.0",
+    "context-parser": "^2.0.0",
     "handlebars": "^3.0.3",
     "xss-filters": "^1.2.0"
   },