angular-cn

Commit Graph

Author	SHA1	Message	Date
Martin Probst	3e68b7eb1f	feat(security): warn users when sanitizing in dev mode. This should help developers to figure out what's going on when the sanitizer strips some input. Fixes #8522.	2016-05-09 16:46:31 +02:00
Martin Probst	f86edae9f3	feat(security): add an HTML sanitizer. This is based on Angular 1's implementation, parsing an HTML document into an inert DOM Document implementation, and then serializing only specifically whitelisted elements. It currently does not support SVG sanitization, all SVG elements are rejected. If available, the sanitizer uses the `<template>` HTML element as an inert container. Sanitization works client and server-side. Reviewers: rjamet, tbosch , molnarg , koto Differential Revision: https://reviews.angular.io/D108	2016-05-09 16:00:24 +02:00

Author

SHA1

Message

Date

Martin Probst

3e68b7eb1f

feat(security): warn users when sanitizing in dev mode.

This should help developers to figure out what's going on when the sanitizer
strips some input.

Fixes #8522.

2016-05-09 16:46:31 +02:00

Martin Probst

f86edae9f3

feat(security): add an HTML sanitizer.

This is based on Angular 1's implementation, parsing an HTML document
into an inert DOM Document implementation, and then serializing only
specifically whitelisted elements.

It currently does not support SVG sanitization, all SVG elements are
rejected.

If available, the sanitizer uses the `<template>` HTML element as an
inert container.

Sanitization works client and server-side.

Reviewers: rjamet, tbosch , molnarg , koto

Differential Revision: https://reviews.angular.io/D108

2016-05-09 16:00:24 +02:00

2 Commits