diff --git a/modules/@angular/core/index.ts b/modules/@angular/core/index.ts index d883b137a6..530baa5916 100644 --- a/modules/@angular/core/index.ts +++ b/modules/@angular/core/index.ts @@ -37,4 +37,4 @@ export * from './src/animation/metadata'; export {AnimationTransitionEvent} from './src/animation/animation_transition_event'; export {AnimationPlayer} from './src/animation/animation_player'; -export {SanitizationService, SecurityContext} from './src/security'; +export {Sanitizer, SecurityContext} from './src/security'; diff --git a/modules/@angular/core/src/linker/view_utils.ts b/modules/@angular/core/src/linker/view_utils.ts index b7ff12e116..87a6e120c8 100644 --- a/modules/@angular/core/src/linker/view_utils.ts +++ b/modules/@angular/core/src/linker/view_utils.ts @@ -15,18 +15,18 @@ import {BaseException} from '../facade/exceptions'; import {isBlank, isPresent, looseIdentical} from '../facade/lang'; import {ViewEncapsulation} from '../metadata/view'; import {RenderComponentType, Renderer, RootRenderer} from '../render/api'; -import {SanitizationService} from '../security'; +import {Sanitizer} from '../security'; import {AppElement} from './element'; import {ExpressionChangedAfterItHasBeenCheckedException} from './exceptions'; @Injectable() export class ViewUtils { - sanitizer: SanitizationService; + sanitizer: Sanitizer; private _nextCompTypeId: number = 0; constructor( private _renderer: RootRenderer, @Inject(APP_ID) private _appId: string, - sanitizer: SanitizationService) { + sanitizer: Sanitizer) { this.sanitizer = sanitizer; } diff --git a/modules/@angular/core/src/security.ts b/modules/@angular/core/src/security.ts index cf5af1798a..ca803318d7 100644 --- a/modules/@angular/core/src/security.ts +++ b/modules/@angular/core/src/security.ts @@ -11,7 +11,7 @@ * like `innerHTML` that could cause Cross Site Scripting (XSS) security bugs when improperly * handled. * - * See DomSanitizationService for more details on security in Angular applications. + * See DomSanitizer for more details on security in Angular applications. * * @stable */ @@ -25,10 +25,10 @@ export enum SecurityContext { } /** - * SanitizationService is used by the views to sanitize potentially dangerous values. + * Sanitizer is used by the views to sanitize potentially dangerous values. * * @stable */ -export abstract class SanitizationService { +export abstract class Sanitizer { abstract sanitize(context: SecurityContext, value: string): string; } diff --git a/modules/@angular/core/test/linker/security_integration_spec.ts b/modules/@angular/core/test/linker/security_integration_spec.ts index 7d695f183a..ea07c60953 100644 --- a/modules/@angular/core/test/linker/security_integration_spec.ts +++ b/modules/@angular/core/test/linker/security_integration_spec.ts @@ -10,7 +10,7 @@ import {Component} from '@angular/core/src/metadata'; import {TestBed, getTestBed} from '@angular/core/testing'; import {afterEach, beforeEach, beforeEachProviders, ddescribe, describe, expect, inject, it} from '@angular/core/testing/testing_internal'; import {getDOM} from '@angular/platform-browser/src/dom/dom_adapter'; -import {DomSanitizationService} from '@angular/platform-browser/src/security/dom_sanitization_service'; +import {DomSanitizer} from '@angular/platform-browser/src/security/dom_sanitization_service'; export function main() { describe('jit', () => { declareTests({useJit: true}); }); @@ -59,7 +59,7 @@ function declareTests({useJit}: {useJit: boolean}) { const template = `Link Title`; TestBed.overrideComponent(SecuredComponent, {set: {template}}); const fixture = TestBed.createComponent(SecuredComponent); - const sanitizer: DomSanitizationService = getTestBed().get(DomSanitizationService); + const sanitizer: DomSanitizer = getTestBed().get(DomSanitizer); let e = fixture.debugElement.children[0].nativeElement; let ci = fixture.debugElement.componentInstance; @@ -73,7 +73,7 @@ function declareTests({useJit}: {useJit: boolean}) { const template = `Link Title`; TestBed.overrideComponent(SecuredComponent, {set: {template}}); const fixture = TestBed.createComponent(SecuredComponent); - const sanitizer: DomSanitizationService = getTestBed().get(DomSanitizationService); + const sanitizer: DomSanitizer = getTestBed().get(DomSanitizer); let trusted = sanitizer.bypassSecurityTrustScript('javascript:alert(1)'); let ci = fixture.debugElement.componentInstance; @@ -85,7 +85,7 @@ function declareTests({useJit}: {useJit: boolean}) { const template = `Link Title`; TestBed.overrideComponent(SecuredComponent, {set: {template}}); const fixture = TestBed.createComponent(SecuredComponent); - const sanitizer: DomSanitizationService = getTestBed().get(DomSanitizationService); + const sanitizer: DomSanitizer = getTestBed().get(DomSanitizer); let e = fixture.debugElement.children[0].nativeElement; let trusted = sanitizer.bypassSecurityTrustUrl('bar/baz'); diff --git a/modules/@angular/platform-browser/index.ts b/modules/@angular/platform-browser/index.ts index bd0143df1b..c16e913893 100644 --- a/modules/@angular/platform-browser/index.ts +++ b/modules/@angular/platform-browser/index.ts @@ -15,7 +15,7 @@ export {By} from './src/dom/debug/by'; export {DOCUMENT} from './src/dom/dom_tokens'; export {EVENT_MANAGER_PLUGINS, EventManager} from './src/dom/events/event_manager'; export {HAMMER_GESTURE_CONFIG, HammerGestureConfig} from './src/dom/events/hammer_gestures'; -export {DomSanitizationService, SafeHtml, SafeResourceUrl, SafeScript, SafeStyle, SafeUrl} from './src/security/dom_sanitization_service'; +export {DomSanitizer, SafeHtml, SafeResourceUrl, SafeScript, SafeStyle, SafeUrl} from './src/security/dom_sanitization_service'; // Web Workers export {ClientMessageBroker, ClientMessageBrokerFactory, FnArg, UiArguments} from './src/web_workers/shared/client_message_broker'; export {PRIMITIVE} from './src/web_workers/shared/serializer'; @@ -28,4 +28,4 @@ export {WORKER_UI_LOCATION_PROVIDERS} from './src/web_workers/ui/location_provid export {NgProbeToken} from './src/dom/debug/ng_probe'; export {platformWorkerUi, WebWorkerInstance, WORKER_SCRIPT, WORKER_UI_STARTABLE_MESSAGING_SERVICE} from './src/worker_render'; export {platformWorkerApp, WorkerAppModule} from './src/worker_app'; -export * from './private_export'; \ No newline at end of file +export * from './private_export'; diff --git a/modules/@angular/platform-browser/src/browser.ts b/modules/@angular/platform-browser/src/browser.ts index f97592af61..77683ea037 100644 --- a/modules/@angular/platform-browser/src/browser.ts +++ b/modules/@angular/platform-browser/src/browser.ts @@ -7,7 +7,7 @@ */ import {CommonModule, PlatformLocation} from '@angular/common'; -import {ApplicationModule, BaseException, ClassProvider, ExceptionHandler, ExistingProvider, FactoryProvider, NgModule, Optional, PLATFORM_INITIALIZER, PlatformRef, Provider, RootRenderer, SanitizationService, SkipSelf, Testability, TypeProvider, ValueProvider, createPlatformFactory, platformCore} from '@angular/core'; +import {ApplicationModule, BaseException, ClassProvider, ExceptionHandler, ExistingProvider, FactoryProvider, NgModule, Optional, PLATFORM_INITIALIZER, PlatformRef, Provider, RootRenderer, Sanitizer, SkipSelf, Testability, TypeProvider, ValueProvider, createPlatformFactory, platformCore} from '@angular/core'; import {wtfInit} from '../core_private'; import {AnimationDriver} from '../src/dom/animation_driver'; @@ -25,7 +25,7 @@ import {EVENT_MANAGER_PLUGINS, EventManager} from './dom/events/event_manager'; import {HAMMER_GESTURE_CONFIG, HammerGestureConfig, HammerGesturesPlugin} from './dom/events/hammer_gestures'; import {KeyEventsPlugin} from './dom/events/key_events'; import {DomSharedStylesHost, SharedStylesHost} from './dom/shared_styles_host'; -import {DomSanitizationService, DomSanitizationServiceImpl} from './security/dom_sanitization_service'; +import {DomSanitizer, DomSanitizerImpl} from './security/dom_sanitization_service'; export const INTERNAL_BROWSER_PLATFORM_PROVIDERS: Provider[] = [ {provide: PLATFORM_INITIALIZER, useValue: initDomAdapter, multi: true}, @@ -39,8 +39,8 @@ export const INTERNAL_BROWSER_PLATFORM_PROVIDERS: Provider[] = [ * @experimental */ export const BROWSER_SANITIZATION_PROVIDERS: Array = [ - {provide: SanitizationService, useExisting: DomSanitizationService}, - {provide: DomSanitizationService, useClass: DomSanitizationServiceImpl}, + {provide: Sanitizer, useExisting: DomSanitizer}, + {provide: DomSanitizer, useClass: DomSanitizerImpl}, ]; /** diff --git a/modules/@angular/platform-browser/src/security/dom_sanitization_service.ts b/modules/@angular/platform-browser/src/security/dom_sanitization_service.ts index 77e6041638..8fa0aa6d35 100644 --- a/modules/@angular/platform-browser/src/security/dom_sanitization_service.ts +++ b/modules/@angular/platform-browser/src/security/dom_sanitization_service.ts @@ -6,7 +6,7 @@ * found in the LICENSE file at https://angular.io/license */ -import {Injectable, SanitizationService, SecurityContext} from '@angular/core'; +import {Injectable, Sanitizer, SecurityContext} from '@angular/core'; import {sanitizeHtml} from './html_sanitizer'; import {sanitizeStyle} from './style_sanitizer'; @@ -58,7 +58,7 @@ export interface SafeUrl extends SafeValue {} export interface SafeResourceUrl extends SafeValue {} /** - * DomSanitizationService helps preventing Cross Site Scripting Security bugs (XSS) by sanitizing + * DomSanitizer helps preventing Cross Site Scripting Security bugs (XSS) by sanitizing * values to be safe to use in the different DOM contexts. * * For example, when binding a URL in an `` hyperlink, `someValue` will be @@ -88,7 +88,7 @@ export interface SafeResourceUrl extends SafeValue {} * * @stable */ -export abstract class DomSanitizationService implements SanitizationService { +export abstract class DomSanitizer implements Sanitizer { /** * Sanitizes a value for use in the given SecurityContext. * @@ -146,7 +146,7 @@ export abstract class DomSanitizationService implements SanitizationService { @Injectable() -export class DomSanitizationServiceImpl extends DomSanitizationService { +export class DomSanitizerImpl extends DomSanitizer { sanitize(ctx: SecurityContext, value: any): string { if (value == null) return null; switch (ctx) { diff --git a/modules/@angular/platform-browser/test/security/dom_sanitization_service_spec.ts b/modules/@angular/platform-browser/test/security/dom_sanitization_service_spec.ts index 8ee963cad1..c3b83d7ddb 100644 --- a/modules/@angular/platform-browser/test/security/dom_sanitization_service_spec.ts +++ b/modules/@angular/platform-browser/test/security/dom_sanitization_service_spec.ts @@ -9,12 +9,12 @@ import {SecurityContext} from '@angular/core'; import * as t from '@angular/core/testing/testing_internal'; -import {DomSanitizationServiceImpl} from '../../src/security/dom_sanitization_service'; +import {DomSanitizerImpl} from '../../src/security/dom_sanitization_service'; export function main() { t.describe('DOM Sanitization Service', () => { t.it('accepts resource URL values for resource contexts', () => { - const svc = new DomSanitizationServiceImpl(); + const svc = new DomSanitizerImpl(); const resourceUrl = svc.bypassSecurityTrustResourceUrl('http://hello/world'); t.expect(svc.sanitize(SecurityContext.URL, resourceUrl)).toBe('http://hello/world'); }); diff --git a/tools/public_api_guard/core/index.d.ts b/tools/public_api_guard/core/index.d.ts index d62bec97f3..53f3073c03 100644 --- a/tools/public_api_guard/core/index.d.ts +++ b/tools/public_api_guard/core/index.d.ts @@ -1092,7 +1092,7 @@ export declare abstract class RootRenderer { } /** @stable */ -export declare abstract class SanitizationService { +export declare abstract class Sanitizer { abstract sanitize(context: SecurityContext, value: string): string; } diff --git a/tools/public_api_guard/platform-browser/index.d.ts b/tools/public_api_guard/platform-browser/index.d.ts index 75f863de5f..7ab864aa96 100644 --- a/tools/public_api_guard/platform-browser/index.d.ts +++ b/tools/public_api_guard/platform-browser/index.d.ts @@ -48,7 +48,7 @@ export declare function disableDebugTools(): void; export declare const DOCUMENT: OpaqueToken; /** @stable */ -export declare abstract class DomSanitizationService implements SanitizationService { +export declare abstract class DomSanitizer implements Sanitizer { abstract bypassSecurityTrustHtml(value: string): SafeHtml; abstract bypassSecurityTrustResourceUrl(value: string): SafeResourceUrl; abstract bypassSecurityTrustScript(value: string): SafeScript;