Commit Graph

177 Commits

Author SHA1 Message Date
Victor Berchet 1a386a58c8 Revert "feat(change_detection): make INTERPOLATE_REGEXP customizable (#7417)"
This reverts commit c3fafa0651.

The symbols should be configured at the component level and not be global to the compiler.
2016-06-01 17:53:45 -07:00
Martin Probst 040b101842 feat(security): complete DOM security schema.
This addresses several oversights in assigning security contexts to DOM schema
elements found by our security reviewers (thanks!).

This also adds some more precise unit tests for the interaction between
(Dom)ElementSchemaRegistry and the TemplateParser, and extracts the security
specific parts into dom_security_schema.ts.

Comparison of (potentially) dangerous property names is done case insensitive,
to avoid issues like formAction vs formaction.

Part of issue #8511.
2016-05-27 11:47:33 -07:00
Victor Berchet 307d105d2c fix(DomRegistry): fix svg support 2016-05-26 16:46:00 -07:00
laco0416 f93512bf27 feat(ViewEncapsulation): default ViewEncapsulation to configurable
BREAKING CHANGES:

DirectiveNormalizer takes new constructor arguments, `config:CompilerConfig`.

Closes #7883
2016-05-26 13:23:37 -07:00
Suguru Inatomi c3fafa0651 feat(change_detection): make INTERPOLATE_REGEXP customizable (#7417)
BREAKING CHANGES:

`Parser` constructor required new parameter `config: CompilerConfig` as second argument.
2016-05-26 13:08:39 -07:00
Andrii Nechytailov 9036f78b74 fix(compiler): throw an error if variable with the same name is already defined. (#7209)
* fix(compiler): throw an error if variable with the same name is already defined. Closes #6492

* fix(compiler): Clean up formatting for issue #6492

* fix(compiler): throw an error if reference with the same name is already defined.

Closes #6492
2016-05-26 13:04:17 -07:00
Igor Minar 85ce184197 refactor(compiler): remove obsolete code (#8837) 2016-05-26 10:15:47 -07:00
Matias Niemelä 5e0f8cf3f0 feat(core): introduce support for animations
Closes #8734
2016-05-25 13:56:50 -07:00
Wesley Cho 53628e19ac fix(compiler): add ability to parse : in * directives
- Add ability to parse bindings properly when `:` is present when using a directive with the `*` prefix

Closes #6038
2016-05-24 21:43:10 -07:00
Grégory Bataille 60a2ba87d4 fix(#7099): support for comment finishing with multiple dashes
<!-- xxxx ------->

The issue came from a lack of support for backtracking on string
matching.
The way it is done, if the "end pattern" for consumeRawText starts with
twice the same character, you end up having problem when your string
being parsed has 3 times this char

Example
End string: xxyz
string to parse: aaaaaaxxxyz

calling consumeRawText(false, 'x', attemptParseStr('xyz')) would fail

Closes #7119
2016-05-24 21:01:41 -07:00
Victor Berchet 3e5716ec16 feat(i18n): support implicit tags/attributes 2016-05-24 10:12:19 -07:00
Tero Parviainen ceac045a7f fix(compiler): have CSS parser support nested parentheses inside functions
Closes #7580
2016-05-23 16:58:15 -07:00
Ward Bell 0a872ffd38 feat(core/linker): add SimpleChanges type to lifecycle_hooks to simplify OnChanges signature
Closes #8557
2016-05-23 16:11:52 -07:00
Vamsi Varikuti 0795dd307b refactor(chore): Replace all 'bindings' with 'providers'
BREAKING CHANGE

Deprecated `bindings:` and `viewBindings:` are replaced with
`providers:` and `viewProviders:`

Closes #7687
2016-05-23 13:31:08 -07:00
alexcastillo cb84cbf545 feat(shadow_css): add encapsulation support for CSS @supports at-rule
Closes #7944
2016-05-20 13:02:24 -07:00
Igor Minar 0035575c82 build: turn on tsc's stripInternal when producint public d.ts file
I also made some changes to fix imports and remove some stuff that caused
breakage once stripInternals was turned on.
2016-05-20 10:59:57 -07:00
Marc Laval 61b339678d test(compiler): test schema generation only in Chrome
Closes #8581
2016-05-11 17:01:26 -07:00
Alex Eagle 817ddfa847 fix(compiler): allow --noImplicitAny 2016-05-11 16:56:12 -07:00
Matias Niemelä 9fbafba993 chore(parsing): change internal usage of `@` to `:` for namespaced values
Closes #8346
2016-05-09 16:20:32 +02:00
Martin Probst 67ed2e2c0a feat(security): fill in missing security contexts.
Reviewers: koto, rjamet, molnarg

Differential Revision: https://reviews.angular.io/D109
2016-05-04 19:28:50 -07:00
Tobias Bosch 0297398f5e chore: clang-format master 2016-05-03 18:56:39 -07:00
Vikram Subramanian 509f4ec611 fix(testing): Check for pending macrotasks in ComponentFixture.whenStable() and ComponentFixture.isStable()
Closes #8389
2016-05-03 11:50:35 -07:00
Martin Probst 908a102a87 feat: security implementation in Angular 2.
Summary:
This adds basic security hooks to Angular 2.

* `SecurityContext` is a private API between core, compiler, and
  platform-browser. `SecurityContext` communicates what context a value is used
  in across template parser, compiler, and sanitization at runtime.
* `SanitizationService` is the bare bones interface to sanitize values for a
  particular context.
* `SchemaElementRegistry.securityContext(tagName, attributeOrPropertyName)`
  determines the security context for an attribute or property (it turns out
  attributes and properties match for the purposes of sanitization).

Based on these hooks:

* `DomSchemaElementRegistry` decides what sanitization applies in a particular
  context.
* `DomSanitizationService` implements `SanitizationService` and adds *Safe
  Value*s, i.e. the ability to mark a value as safe and not requiring further
  sanitization.
* `url_sanitizer` and `style_sanitizer` sanitize URLs and Styles, respectively
  (surprise!).

`DomSanitizationService` is the default implementation bound for browser
applications, in the three contexts (browser rendering, web worker rendering,
server side rendering).

BREAKING CHANGES:
*** SECURITY WARNING ***
Angular 2 Release Candidates do not implement proper contextual escaping yet.
Make sure to correctly escape all values that go into the DOM.
*** SECURITY WARNING ***

Reviewers: IgorMinar

Differential Revision: https://reviews.angular.io/D103
2016-05-03 09:21:43 -07:00
Tobias Bosch 00d3b6083c fix(compiler): support css stylesheets in offline compiler 2016-05-02 15:06:46 -07:00
Misko Hevery 3e17c99f4e chore: clang-reformat 2016-05-01 22:59:41 -07:00
Igor Minar a66cdb469f repackaging: all the repackaging changes squashed 2016-05-01 20:51:00 -07:00
Igor Minar 505da6c0a8 repackaging: all the file moves 2016-05-01 20:51:00 -07:00