BREAKING CHANGE:
Exceptions are no longer part of the public API. We don't expect that anyone should be referring to the Exception types.
ExceptionHandler.call(exception: any, stackTrace?: any, reason?: string): void;
change to:
ErrorHandler.handleError(error: any): void;
Closes#9729
BREAKING CHANGE:
`Type` is now `Type<T>` which means that in most cases you have to
use `Type<any>` in place of `Type`.
We don't expect that any user applications use the `Type` type.
Automatically recognize XSRF protection cookies, and set a corresponding XSRF
header. Allows applications to configure the cookie names, or if needed,
completely override the XSRF request configuration by binding their own
XSRFHandler implementation.
Part of #8511.
This is based on Angular 1's implementation, parsing an HTML document
into an inert DOM Document implementation, and then serializing only
specifically whitelisted elements.
It currently does not support SVG sanitization, all SVG elements are
rejected.
If available, the sanitizer uses the `<template>` HTML element as an
inert container.
Sanitization works client and server-side.
Reviewers: rjamet, tbosch , molnarg , koto
Differential Revision: https://reviews.angular.io/D108
