Victor Berchet
6e62217b78
fix(WebWorker): remove the platform-browser dependency on compiler
2016-05-18 16:23:09 -07:00
Joost de Vries
a01a54c180
adds 'repository' metadata to npm modules ( #8649 )
2016-05-17 23:17:15 -07:00
Hannah Howard
db8290632f
fix(upgrade): fallback to root ng2 injector when element is compiled outside the document ( #8684 )
...
Currently downgraded ng2 elements fail inside a ui-router view because they are unable
to require an ng2 Injector via the require attribute of the DDO, because ui-router compiles
its templates before they are inserted in a ui-view. This adds a "fallback" behavior if
a parent injector cannot be found to go to the root ng2 Injector.
2016-05-17 15:55:53 -07:00
Hannah Howard
6cdc53c497
fix(UpgradeNg1ComponentAdapter): make bindings available on $scope in controller & link function ( #8645 )
...
Delays NG1 Directive controller instatiation where possible and pre-link function always
to the ngOnInit() lifecycle hook. This way bindings are always available on $scope in both
the controller and the link function.
2016-05-17 14:53:59 -07:00
Martin Probst
15ae710d22
feat(security): allow url(...) style values.
...
Allows sanitized URLs for CSS properties. These can be abused for information
leakage, but only if the CSS rules are already set up to allow for it. That is,
an attacker cannot cause information leakage without controlling the style rules
present, or a very particular setup.
Fixes #8514 .
2016-05-17 11:23:31 +02:00
Martin Probst
dd50124254
feat(security): allow data: URLs for images and videos.
...
Allows known-to-be-safe media types in data URIs.
Part of #8511 .
2016-05-17 10:57:14 +02:00
Tobias Bosch
ff36b0384a
fix(compiler_cli): normalize used directives
...
- e.g. needed for content projection.
Closes #8677
2016-05-16 13:07:13 -07:00
Martin Probst
50c9bed630
feat(security): expose the safe value types.
...
This allows users to properly type their `SafeHtml`, `SafeStyle`, etc values.
Fixes #8568 .
2016-05-15 11:47:06 +02:00
Martin Probst
8b1b427195
feat(security): support transform CSS functions for sanitization.
...
Fixes part of #8514 .
2016-05-14 13:25:45 +02:00
Vikram Subramanian
9a05ca95f6
fix(build): Release compiler_cli packages along with rest of @angular packages and use ANGULAR_VERSION for package version and peer dependencies.
2016-05-13 13:35:10 -07:00
Marc Laval
61b339678d
test(compiler): test schema generation only in Chrome
...
Closes #8581
2016-05-11 17:01:26 -07:00
Alex Eagle
817ddfa847
fix(compiler): allow --noImplicitAny
2016-05-11 16:56:12 -07:00
Alex Eagle
c1154b30c7
fix(compiler): allow decorators defined in the same file
2016-05-11 16:56:12 -07:00
Alex Eagle
0d71345b93
fix(codegen): codegen all files in the program, not just roots
...
fixes #8475
2016-05-11 16:56:12 -07:00
Alex Eagle
9e3df8eefe
chore(tsickle): remove redundant jsdoc types
...
tsickle doesn't like them, and anyway they are bound to get out-of-sync with the inline TS types
2016-05-10 17:38:10 +02:00
Martin Probst
3e68b7eb1f
feat(security): warn users when sanitizing in dev mode.
...
This should help developers to figure out what's going on when the sanitizer
strips some input.
Fixes #8522 .
2016-05-09 16:46:31 +02:00
Matias Niemelä
9fbafba993
chore(parsing): change internal usage of `@` to `:` for namespaced values
...
Closes #8346
2016-05-09 16:20:32 +02:00
Martin Probst
7a524e3deb
feat(security): add tests for URL sanitization.
2016-05-09 16:00:24 +02:00
Martin Probst
7b6c4d5acc
feat(security): add tests for style sanitisation.
2016-05-09 16:00:24 +02:00
Martin Probst
f86edae9f3
feat(security): add an HTML sanitizer.
...
This is based on Angular 1's implementation, parsing an HTML document
into an inert DOM Document implementation, and then serializing only
specifically whitelisted elements.
It currently does not support SVG sanitization, all SVG elements are
rejected.
If available, the sanitizer uses the `<template>` HTML element as an
inert container.
Sanitization works client and server-side.
Reviewers: rjamet, tbosch , molnarg , koto
Differential Revision: https://reviews.angular.io/D108
2016-05-09 16:00:24 +02:00
Martin Probst
df1b1f6957
feat(security): strip XSSI prefix from XHR responses.
2016-05-05 14:25:44 -07:00
Martin Probst
9099160038
chore: fix comment indent.
2016-05-05 12:46:07 -07:00
Martin Probst
67ed2e2c0a
feat(security): fill in missing security contexts.
...
Reviewers: koto, rjamet, molnarg
Differential Revision: https://reviews.angular.io/D109
2016-05-04 19:28:50 -07:00
Tobias Bosch
6d36a7a45f
chore: fix unit tests on node.js
...
Closes #8476
2016-05-04 18:00:29 -07:00
Tobias Bosch
e2b1e1577d
fix(core): don’t detach nested view containers when destroying a view
...
When a view is destroyed, we destroy all
views in view containers and should not detach them. However, previously, we also detached them which lead to problems during the iteration loop.
Closes #8458
Closes #8471
Introduced by 0c600cf6e3
2016-05-04 16:27:20 -07:00
vsavkin
b30ddfbfc5
chore(router): clang-format
2016-05-04 15:01:27 -07:00
vsavkin
abfb522f83
refactor(router): reuse existing segmentes when constructing new route trees
2016-05-04 14:51:04 -07:00
vsavkin
b8136cc26e
fix(router): provide a top-level route segment for injection
2016-05-04 14:51:04 -07:00
vsavkin
d00b26d941
refactor(router): update link to reuse url segments when possible
2016-05-04 14:51:04 -07:00
vsavkin
12637a761c
refactor(router): make names consistent
2016-05-04 14:50:00 -07:00
vsavkin
1a0aea67a0
feat(core): add a component resolver that can load components lazily using system.js
2016-05-04 14:50:00 -07:00
vsavkin
0f1465b899
feat(router): update router to support lazy loading
2016-05-04 14:50:00 -07:00
Tobias Bosch
a81923b793
fix(compiler): emit correct types for literal arrays and maps.
2016-05-04 12:14:44 -07:00
Tobias Bosch
7150ace7c7
fix(compiler): support lifecycle hooks in compiler_cli
2016-05-04 12:14:43 -07:00
Tobias Bosch
bdce154282
chore: add test script for compiler_cli
2016-05-04 12:14:43 -07:00
Tobias Bosch
5a84048f72
chore: adjust build for `tools/metadata` name change
2016-05-04 12:14:38 -07:00
Igor Minar
52595f52f9
chore: make workaround_empty_observable_list_diff @internal
2016-05-04 01:12:40 -06:00
Tobias Bosch
edec158dd8
fix(compiler_cli): allow to use builtin directives like `NgIf`, …
...
Related to #8448
Closes #8454
2016-05-03 20:49:17 -07:00
Tobias Bosch
0297398f5e
chore: clang-format master
2016-05-03 18:56:39 -07:00
Igor Minar
9485f5a813
fix: platform-server should declare it's dependency on parse5 via package.json
2016-05-03 18:07:52 -06:00
Tobias Bosch
eba6e7946d
refactor(compiler_cli): move it into modules/@angular and integrate properly into the build
...
This also does no more depend on a version
on npm for the compiler_cli.
Also runs the tests for tools/metadata
2016-05-03 15:57:49 -07:00
Igor Minar
b600915953
build: add licensing preamble to umd bundles
2016-05-03 13:59:30 -06:00
Igor Minar
905f38acb8
build: fix source map paths for npm packages
...
the bundles have source mpas disabled for now because when we downlevel
the esm bundle to es5 tsc doesn't consider the original source map so
we end up with a source map pointing to the esm bundle instead which is
not useful.
2016-05-03 13:36:33 -06:00
Vikram Subramanian
509f4ec611
fix(testing): Check for pending macrotasks in ComponentFixture.whenStable() and ComponentFixture.isStable()
...
Closes #8389
2016-05-03 11:50:35 -07:00
Felix Itzenplitz
27a7b51d99
fix(docs): upgrade deprecated ngFor-Syntax
2016-05-03 11:49:33 -07:00
vsavkin
b98c9e74e1
docs(router): add api docs
2016-05-03 11:35:07 -07:00
vsavkin
9f784dcc5a
cleanup(router): fix e2e tests
2016-05-03 10:25:44 -07:00
vsavkin
b625f2471a
feat(router): make RouterLink accept single values
2016-05-03 10:25:44 -07:00
vsavkin
3aa2606ff1
cleanup(router): make names consistent
2016-05-03 10:25:44 -07:00
vsavkin
89704e0f93
fix(router): add support for ../
2016-05-03 10:25:44 -07:00