honeymoose
/
angular-cn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9,669 Commits 5 Branches 1 Tag 210 MiB
Commit Graph

9 Commits

Author SHA1 Message Date
Peter Bacon Darwin a751649c8d fix(core): use appropriate inert document strategy for Firefox & Safari (#17019) 
Both Firefox and Safari are vulnerable to XSS if we use an inert document
created via `document.implementation.createHTMLDocument()`.

Now we check for those vulnerabilities and then use a DOMParser or XHR
strategy if needed.

Further the platform-server has its own library for parsing HTML, so we
sniff for that (by checking whether DOMParser exists) and fall back to
the standard strategy.

Thanks to @cure53 for the heads up on this issue.

PR Close #17019
 2018-02-08 08:55:15 -08:00
Misko Hevery 47e251a80a build: remove `main()` from specs (#21053) 
PR Close #21053
 2017-12-22 13:10:51 -08:00
Marc Laval 516759b1ff test(platform-browser): fix mXSS attack test in Canary (#18809) 
PR Close #18809
 2017-09-22 13:10:00 -07:00
Victor Berchet 9479a106bb build: enable TSLint on the packages folder 2017-07-31 15:47:57 -07:00
Miško Hevery 728c9d0632 fix(platform-browser): Update types for TypeScript nullability support 
Closes #15898
 2017-04-18 12:07:33 -07:00
Victor Berchet a4076c70cc fix(platform-browser): prevent clobbered elements from freezing the browser 
see
4f69d38f09
 2017-03-16 10:16:39 -07:00
Victor Berchet 52bbc9baf4 refactor(platform-browser): cleanup HtmlSanitizer specs 2017-03-16 10:16:39 -07:00
Jason Aden 8573e36574 build: fix file paths after moving modules/@angular/* to packages/* 2017-03-08 16:29:28 -08:00
Jason Aden 3e51a19983 refactor: move angular source to /packages rather than modules/@angular 2017-03-08 16:29:27 -08:00