2016-04-12 09:40:37 -07:00
|
|
|
import {
|
2016-04-14 14:52:35 -07:00
|
|
|
ReflectiveInjector,
|
|
|
|
|
PlatformRef,
|
|
|
|
|
getPlatform,
|
|
|
|
|
createPlatform,
|
|
|
|
|
assertPlatform
|
2016-04-28 17:50:03 -07:00
|
|
|
} from '@angular/core';
|
|
|
|
|
import {isBlank} from './facade/lang';
|
|
|
|
|
import {BROWSER_PROVIDERS, BROWSER_PLATFORM_MARKER} from './browser_common';
|
|
|
|
|
export {DomEventsPlugin} from './dom/events/dom_events';
|
2015-11-13 11:21:16 -08:00
|
|
|
|
2016-04-28 17:50:03 -07:00
|
|
|
export {EventManager, EVENT_MANAGER_PLUGINS} from './dom/events/event_manager';
|
|
|
|
|
export {ELEMENT_PROBE_PROVIDERS} from './dom/debug/ng_probe';
|
|
|
|
|
export {
|
2015-11-16 13:58:24 -08:00
|
|
|
BROWSER_APP_COMMON_PROVIDERS,
|
feat: security implementation in Angular 2.
Summary:
This adds basic security hooks to Angular 2.
* `SecurityContext` is a private API between core, compiler, and
platform-browser. `SecurityContext` communicates what context a value is used
in across template parser, compiler, and sanitization at runtime.
* `SanitizationService` is the bare bones interface to sanitize values for a
particular context.
* `SchemaElementRegistry.securityContext(tagName, attributeOrPropertyName)`
determines the security context for an attribute or property (it turns out
attributes and properties match for the purposes of sanitization).
Based on these hooks:
* `DomSchemaElementRegistry` decides what sanitization applies in a particular
context.
* `DomSanitizationService` implements `SanitizationService` and adds *Safe
Value*s, i.e. the ability to mark a value as safe and not requiring further
sanitization.
* `url_sanitizer` and `style_sanitizer` sanitize URLs and Styles, respectively
(surprise!).
`DomSanitizationService` is the default implementation bound for browser
applications, in the three contexts (browser rendering, web worker rendering,
server side rendering).
BREAKING CHANGES:
*** SECURITY WARNING ***
Angular 2 Release Candidates do not implement proper contextual escaping yet.
Make sure to correctly escape all values that go into the DOM.
*** SECURITY WARNING ***
Reviewers: IgorMinar
Differential Revision: https://reviews.angular.io/D103
2016-04-29 16:04:08 -07:00
|
|
|
BROWSER_SANITIZATION_PROVIDERS,
|
2016-04-28 17:50:03 -07:00
|
|
|
BROWSER_PROVIDERS,
|
|
|
|
|
By,
|
|
|
|
|
Title,
|
|
|
|
|
enableDebugTools,
|
|
|
|
|
disableDebugTools,
|
|
|
|
|
HAMMER_GESTURE_CONFIG,
|
|
|
|
|
HammerGestureConfig
|
|
|
|
|
} from './browser_common';
|
|
|
|
|
|
|
|
|
|
export * from '../private_export';
|
|
|
|
|
export {DOCUMENT} from './dom/dom_tokens';
|
|
|
|
|
|
feat: security implementation in Angular 2.
Summary:
This adds basic security hooks to Angular 2.
* `SecurityContext` is a private API between core, compiler, and
platform-browser. `SecurityContext` communicates what context a value is used
in across template parser, compiler, and sanitization at runtime.
* `SanitizationService` is the bare bones interface to sanitize values for a
particular context.
* `SchemaElementRegistry.securityContext(tagName, attributeOrPropertyName)`
determines the security context for an attribute or property (it turns out
attributes and properties match for the purposes of sanitization).
Based on these hooks:
* `DomSchemaElementRegistry` decides what sanitization applies in a particular
context.
* `DomSanitizationService` implements `SanitizationService` and adds *Safe
Value*s, i.e. the ability to mark a value as safe and not requiring further
sanitization.
* `url_sanitizer` and `style_sanitizer` sanitize URLs and Styles, respectively
(surprise!).
`DomSanitizationService` is the default implementation bound for browser
applications, in the three contexts (browser rendering, web worker rendering,
server side rendering).
BREAKING CHANGES:
*** SECURITY WARNING ***
Angular 2 Release Candidates do not implement proper contextual escaping yet.
Make sure to correctly escape all values that go into the DOM.
*** SECURITY WARNING ***
Reviewers: IgorMinar
Differential Revision: https://reviews.angular.io/D103
2016-04-29 16:04:08 -07:00
|
|
|
export {DomSanitizationService, SecurityContext} from './security/dom_sanitization_service';
|
2016-04-28 17:50:03 -07:00
|
|
|
|
|
|
|
|
export {
|
|
|
|
|
bootstrapStatic,
|
|
|
|
|
browserStaticPlatform,
|
|
|
|
|
BROWSER_APP_STATIC_PROVIDERS,
|
|
|
|
|
BrowserPlatformLocation
|
|
|
|
|
} from './platform_browser_static';
|
|
|
|
|
|
|
|
|
|
|
2015-11-13 11:21:16 -08:00
|
|
|
|
2016-04-14 14:52:35 -07:00
|
|
|
export function browserPlatform(): PlatformRef {
|
|
|
|
|
if (isBlank(getPlatform())) {
|
|
|
|
|
createPlatform(ReflectiveInjector.resolveAndCreate(BROWSER_PROVIDERS));
|
|
|
|
|
}
|
|
|
|
|
return assertPlatform(BROWSER_PLATFORM_MARKER);
|
|
|
|
|
}
|
