refactor: rename SanitizationService to Sanitizer and DomSanitizationService to DomSanitizer (#11085)

BREAKING CHANGE: Previously inconsistently named APIs SanitizationService and DomSanitizationService were renamed to Sanitizer and DomSanitizer
This commit is contained in:
Igor Minar 2016-08-25 15:41:19 -07:00 committed by Victor Berchet
parent b867764b0d
commit 811962b2bb
10 changed files with 25 additions and 25 deletions

View File

@ -37,4 +37,4 @@ export * from './src/animation/metadata';
export {AnimationTransitionEvent} from './src/animation/animation_transition_event';
export {AnimationPlayer} from './src/animation/animation_player';
export {SanitizationService, SecurityContext} from './src/security';
export {Sanitizer, SecurityContext} from './src/security';

View File

@ -15,18 +15,18 @@ import {BaseException} from '../facade/exceptions';
import {isBlank, isPresent, looseIdentical} from '../facade/lang';
import {ViewEncapsulation} from '../metadata/view';
import {RenderComponentType, Renderer, RootRenderer} from '../render/api';
import {SanitizationService} from '../security';
import {Sanitizer} from '../security';
import {AppElement} from './element';
import {ExpressionChangedAfterItHasBeenCheckedException} from './exceptions';
@Injectable()
export class ViewUtils {
sanitizer: SanitizationService;
sanitizer: Sanitizer;
private _nextCompTypeId: number = 0;
constructor(
private _renderer: RootRenderer, @Inject(APP_ID) private _appId: string,
sanitizer: SanitizationService) {
sanitizer: Sanitizer) {
this.sanitizer = sanitizer;
}

View File

@ -11,7 +11,7 @@
* like `innerHTML` that could cause Cross Site Scripting (XSS) security bugs when improperly
* handled.
*
* See DomSanitizationService for more details on security in Angular applications.
* See DomSanitizer for more details on security in Angular applications.
*
* @stable
*/
@ -25,10 +25,10 @@ export enum SecurityContext {
}
/**
* SanitizationService is used by the views to sanitize potentially dangerous values.
* Sanitizer is used by the views to sanitize potentially dangerous values.
*
* @stable
*/
export abstract class SanitizationService {
export abstract class Sanitizer {
abstract sanitize(context: SecurityContext, value: string): string;
}

View File

@ -10,7 +10,7 @@ import {Component} from '@angular/core/src/metadata';
import {TestBed, getTestBed} from '@angular/core/testing';
import {afterEach, beforeEach, beforeEachProviders, ddescribe, describe, expect, inject, it} from '@angular/core/testing/testing_internal';
import {getDOM} from '@angular/platform-browser/src/dom/dom_adapter';
import {DomSanitizationService} from '@angular/platform-browser/src/security/dom_sanitization_service';
import {DomSanitizer} from '@angular/platform-browser/src/security/dom_sanitization_service';
export function main() {
describe('jit', () => { declareTests({useJit: true}); });
@ -59,7 +59,7 @@ function declareTests({useJit}: {useJit: boolean}) {
const template = `<a [href]="ctxProp">Link Title</a>`;
TestBed.overrideComponent(SecuredComponent, {set: {template}});
const fixture = TestBed.createComponent(SecuredComponent);
const sanitizer: DomSanitizationService = getTestBed().get(DomSanitizationService);
const sanitizer: DomSanitizer = getTestBed().get(DomSanitizer);
let e = fixture.debugElement.children[0].nativeElement;
let ci = fixture.debugElement.componentInstance;
@ -73,7 +73,7 @@ function declareTests({useJit}: {useJit: boolean}) {
const template = `<a [href]="ctxProp">Link Title</a>`;
TestBed.overrideComponent(SecuredComponent, {set: {template}});
const fixture = TestBed.createComponent(SecuredComponent);
const sanitizer: DomSanitizationService = getTestBed().get(DomSanitizationService);
const sanitizer: DomSanitizer = getTestBed().get(DomSanitizer);
let trusted = sanitizer.bypassSecurityTrustScript('javascript:alert(1)');
let ci = fixture.debugElement.componentInstance;
@ -85,7 +85,7 @@ function declareTests({useJit}: {useJit: boolean}) {
const template = `<a href="/foo/{{ctxProp}}">Link Title</a>`;
TestBed.overrideComponent(SecuredComponent, {set: {template}});
const fixture = TestBed.createComponent(SecuredComponent);
const sanitizer: DomSanitizationService = getTestBed().get(DomSanitizationService);
const sanitizer: DomSanitizer = getTestBed().get(DomSanitizer);
let e = fixture.debugElement.children[0].nativeElement;
let trusted = sanitizer.bypassSecurityTrustUrl('bar/baz');

View File

@ -15,7 +15,7 @@ export {By} from './src/dom/debug/by';
export {DOCUMENT} from './src/dom/dom_tokens';
export {EVENT_MANAGER_PLUGINS, EventManager} from './src/dom/events/event_manager';
export {HAMMER_GESTURE_CONFIG, HammerGestureConfig} from './src/dom/events/hammer_gestures';
export {DomSanitizationService, SafeHtml, SafeResourceUrl, SafeScript, SafeStyle, SafeUrl} from './src/security/dom_sanitization_service';
export {DomSanitizer, SafeHtml, SafeResourceUrl, SafeScript, SafeStyle, SafeUrl} from './src/security/dom_sanitization_service';
// Web Workers
export {ClientMessageBroker, ClientMessageBrokerFactory, FnArg, UiArguments} from './src/web_workers/shared/client_message_broker';
export {PRIMITIVE} from './src/web_workers/shared/serializer';
@ -28,4 +28,4 @@ export {WORKER_UI_LOCATION_PROVIDERS} from './src/web_workers/ui/location_provid
export {NgProbeToken} from './src/dom/debug/ng_probe';
export {platformWorkerUi, WebWorkerInstance, WORKER_SCRIPT, WORKER_UI_STARTABLE_MESSAGING_SERVICE} from './src/worker_render';
export {platformWorkerApp, WorkerAppModule} from './src/worker_app';
export * from './private_export';
export * from './private_export';

View File

@ -7,7 +7,7 @@
*/
import {CommonModule, PlatformLocation} from '@angular/common';
import {ApplicationModule, BaseException, ClassProvider, ExceptionHandler, ExistingProvider, FactoryProvider, NgModule, Optional, PLATFORM_INITIALIZER, PlatformRef, Provider, RootRenderer, SanitizationService, SkipSelf, Testability, TypeProvider, ValueProvider, createPlatformFactory, platformCore} from '@angular/core';
import {ApplicationModule, BaseException, ClassProvider, ExceptionHandler, ExistingProvider, FactoryProvider, NgModule, Optional, PLATFORM_INITIALIZER, PlatformRef, Provider, RootRenderer, Sanitizer, SkipSelf, Testability, TypeProvider, ValueProvider, createPlatformFactory, platformCore} from '@angular/core';
import {wtfInit} from '../core_private';
import {AnimationDriver} from '../src/dom/animation_driver';
@ -25,7 +25,7 @@ import {EVENT_MANAGER_PLUGINS, EventManager} from './dom/events/event_manager';
import {HAMMER_GESTURE_CONFIG, HammerGestureConfig, HammerGesturesPlugin} from './dom/events/hammer_gestures';
import {KeyEventsPlugin} from './dom/events/key_events';
import {DomSharedStylesHost, SharedStylesHost} from './dom/shared_styles_host';
import {DomSanitizationService, DomSanitizationServiceImpl} from './security/dom_sanitization_service';
import {DomSanitizer, DomSanitizerImpl} from './security/dom_sanitization_service';
export const INTERNAL_BROWSER_PLATFORM_PROVIDERS: Provider[] = [
{provide: PLATFORM_INITIALIZER, useValue: initDomAdapter, multi: true},
@ -39,8 +39,8 @@ export const INTERNAL_BROWSER_PLATFORM_PROVIDERS: Provider[] = [
* @experimental
*/
export const BROWSER_SANITIZATION_PROVIDERS: Array<any> = [
{provide: SanitizationService, useExisting: DomSanitizationService},
{provide: DomSanitizationService, useClass: DomSanitizationServiceImpl},
{provide: Sanitizer, useExisting: DomSanitizer},
{provide: DomSanitizer, useClass: DomSanitizerImpl},
];
/**

View File

@ -6,7 +6,7 @@
* found in the LICENSE file at https://angular.io/license
*/
import {Injectable, SanitizationService, SecurityContext} from '@angular/core';
import {Injectable, Sanitizer, SecurityContext} from '@angular/core';
import {sanitizeHtml} from './html_sanitizer';
import {sanitizeStyle} from './style_sanitizer';
@ -58,7 +58,7 @@ export interface SafeUrl extends SafeValue {}
export interface SafeResourceUrl extends SafeValue {}
/**
* DomSanitizationService helps preventing Cross Site Scripting Security bugs (XSS) by sanitizing
* DomSanitizer helps preventing Cross Site Scripting Security bugs (XSS) by sanitizing
* values to be safe to use in the different DOM contexts.
*
* For example, when binding a URL in an `<a [href]="someValue">` hyperlink, `someValue` will be
@ -88,7 +88,7 @@ export interface SafeResourceUrl extends SafeValue {}
*
* @stable
*/
export abstract class DomSanitizationService implements SanitizationService {
export abstract class DomSanitizer implements Sanitizer {
/**
* Sanitizes a value for use in the given SecurityContext.
*
@ -146,7 +146,7 @@ export abstract class DomSanitizationService implements SanitizationService {
@Injectable()
export class DomSanitizationServiceImpl extends DomSanitizationService {
export class DomSanitizerImpl extends DomSanitizer {
sanitize(ctx: SecurityContext, value: any): string {
if (value == null) return null;
switch (ctx) {

View File

@ -9,12 +9,12 @@
import {SecurityContext} from '@angular/core';
import * as t from '@angular/core/testing/testing_internal';
import {DomSanitizationServiceImpl} from '../../src/security/dom_sanitization_service';
import {DomSanitizerImpl} from '../../src/security/dom_sanitization_service';
export function main() {
t.describe('DOM Sanitization Service', () => {
t.it('accepts resource URL values for resource contexts', () => {
const svc = new DomSanitizationServiceImpl();
const svc = new DomSanitizerImpl();
const resourceUrl = svc.bypassSecurityTrustResourceUrl('http://hello/world');
t.expect(svc.sanitize(SecurityContext.URL, resourceUrl)).toBe('http://hello/world');
});

View File

@ -1092,7 +1092,7 @@ export declare abstract class RootRenderer {
}
/** @stable */
export declare abstract class SanitizationService {
export declare abstract class Sanitizer {
abstract sanitize(context: SecurityContext, value: string): string;
}

View File

@ -48,7 +48,7 @@ export declare function disableDebugTools(): void;
export declare const DOCUMENT: OpaqueToken;
/** @stable */
export declare abstract class DomSanitizationService implements SanitizationService {
export declare abstract class DomSanitizer implements Sanitizer {
abstract bypassSecurityTrustHtml(value: string): SafeHtml;
abstract bypassSecurityTrustResourceUrl(value: string): SafeResourceUrl;
abstract bypassSecurityTrustScript(value: string): SafeScript;