angular-cn/packages/platform-browser/test/security/dom_sanitization_service_spec.ts

/**
 * @license
 * Copyright Google Inc. All Rights Reserved.
 *
 * Use of this source code is governed by an MIT-style license that can be
 * found in the LICENSE file at https://angular.io/license
 */

import {SecurityContext} from '@angular/core';
import * as t from '@angular/core/testing/src/testing_internal';

import {DomSanitizerImpl} from '../../src/security/dom_sanitization_service';

{
  t.describe('DOM Sanitization Service', () => {
    t.it('accepts resource URL values for resource contexts', () => {
      const svc = new DomSanitizerImpl(null);
      const resourceUrl = svc.bypassSecurityTrustResourceUrl('http://hello/world');
      t.expect(svc.sanitize(SecurityContext.URL, resourceUrl)).toBe('http://hello/world');
    });
  });
}
feat(security): trust resource URLs as URLs. (#10220) Resource URLs are strictly "more" trustworthy than plain URLs, so trusting them maintains the same level of security while avoiding to break people when we downgrade a resource URL context to a plain URL context. 2016-07-21 17:44:59 -07:00			`/**`
			`* @license`
			`* Copyright Google Inc. All Rights Reserved.`
			`*`
			`* Use of this source code is governed by an MIT-style license that can be`
			`* found in the LICENSE file at https://angular.io/license`
			`*/`

			`import {SecurityContext} from '@angular/core';`
build: fix file paths after moving modules/@angular/* to packages/* 2017-03-02 12:12:46 -08:00			`import * as t from '@angular/core/testing/src/testing_internal';`
feat(security): trust resource URLs as URLs. (#10220) Resource URLs are strictly "more" trustworthy than plain URLs, so trusting them maintains the same level of security while avoiding to break people when we downgrade a resource URL context to a plain URL context. 2016-07-21 17:44:59 -07:00
refactor: rename SanitizationService to Sanitizer and DomSanitizationService to DomSanitizer (#11085) BREAKING CHANGE: Previously inconsistently named APIs SanitizationService and DomSanitizationService were renamed to Sanitizer and DomSanitizer 2016-08-25 15:41:19 -07:00			`import {DomSanitizerImpl} from '../../src/security/dom_sanitization_service';`
feat(security): trust resource URLs as URLs. (#10220) Resource URLs are strictly "more" trustworthy than plain URLs, so trusting them maintains the same level of security while avoiding to break people when we downgrade a resource URL context to a plain URL context. 2016-07-21 17:44:59 -07:00
build: remove `main()` from specs (#21053) PR Close #21053 2017-12-16 14:42:55 -08:00			`{`
feat(security): trust resource URLs as URLs. (#10220) Resource URLs are strictly "more" trustworthy than plain URLs, so trusting them maintains the same level of security while avoiding to break people when we downgrade a resource URL context to a plain URL context. 2016-07-21 17:44:59 -07:00			`t.describe('DOM Sanitization Service', () => {`
			`t.it('accepts resource URL values for resource contexts', () => {`
feat(platform-server): add API to render Module and ModuleFactory to string (#14381) - PlatformState provides an interface to serialize the current Platform State as a string or Document. - renderModule and renderModuleFactory are convenience methods to wait for Angular Application to stabilize and then render the state to a string. - refactor code to remove defaultDoc from DomAdapter and inject DOCUMENT where it's needed. 2017-02-14 16:14:40 -08:00			`const svc = new DomSanitizerImpl(null);`
feat(security): trust resource URLs as URLs. (#10220) Resource URLs are strictly "more" trustworthy than plain URLs, so trusting them maintains the same level of security while avoiding to break people when we downgrade a resource URL context to a plain URL context. 2016-07-21 17:44:59 -07:00			`const resourceUrl = svc.bypassSecurityTrustResourceUrl('http://hello/world');`
			`t.expect(svc.sanitize(SecurityContext.URL, resourceUrl)).toBe('http://hello/world');`
			`});`
			`});`
			`}`