HTML Purifier 4.3.0 is a major security release addressing various
security vulnerabilities related to user-submitted code and legitimate
client-side scripts.  It also contains an accumulation of new features
and bugfixes over half a year.  New configuration options include
%CSS.Trusted, %CSS.AllowedFonts and %Cache.SerializerPermissions.
There is a backwards-incompatible API change for customized raw
definitions, see <http://htmlpurifier.org/docs/enduser-customize.html#optimized>
for details.