Go to file

George Kalpakas 262ba67525 fix(core): traverse and sanitize content of unsafe elements (#28804 )

In the past, the sanitizer would remove unsafe elements, but still
traverse and sanitize (and potentially preserve) their content. This was
problematic in the case of `<style></style>` tags, whose content would
be converted to HTML text nodes.

In order to fix this, the sanitizer's behavior was changed in #25879 to
ignore the content of _all_ unsafe elements. While this fixed the
problem with `<style></style>` tags, it unnecessarily removed the
contents for _any_ unsafe element. This was an unneeded breaking change.

This commit partially restores the old sanitizer behavior (namely
traversing content of unsafe elements), but introduces a list of
elements whose content should not be traversed if the elements
themselves are considered unsafe. Currently, this list contains `style`,
`script` and `template`.

Related to #25879 and #26007.

Fixes #28427

PR Close #28804

2019-02-26 13:32:09 -08:00

.buildkite

ci: update buildkite provision instructions (#28273 )

2019-02-07 12:36:27 -08:00

.circleci

ci: add bazel_repository_cache to CircleCI workspace (#28935 )

2019-02-25 08:14:49 -08:00

.github

ci: exclude **/third_party/** from google3 check (#28870 )

2019-02-20 09:17:20 -08:00

.vscode

build: show no warning for large git repos (#28055 )

2019-02-12 20:58:27 -08:00

aio

docs: add ivy opt-in docs (#28569 )

2019-02-26 08:42:47 -08:00

docs

build: update to rules_typescript 0.25.1 (#28625 )

2019-02-21 07:46:21 -08:00

integration

fix(ivy): static host classes and styles should work on root component (#28926 )

2019-02-26 13:29:36 -08:00

modules

build: update to rules_typescript 0.25.1 (#28625 )

2019-02-21 07:46:21 -08:00

packages

fix(core): traverse and sanitize content of unsafe elements (#28804 )

2019-02-26 13:32:09 -08:00

scripts

build(bazel): run a number of web tests with karma_web_test in saucelabs in CircleCI (#27721 )

2019-02-22 13:07:08 -08:00

third_party

build: use vendored yarn under Bazel (#28839 )

2019-02-20 09:19:03 -08:00

tools

fix(ivy): static host classes and styles should work on root component (#28926 )

2019-02-26 13:29:36 -08:00

.bazelignore

ci: share data between jobs using workspaces (#28928 )

2019-02-22 13:24:11 -08:00

.bazelrc

build(bazel): run a number of web tests with karma_web_test in saucelabs in CircleCI (#27721 )

2019-02-22 13:07:08 -08:00

.clang-format

feat(tooling): Add a .clang-format for automated JavaScript formatting.

2015-04-02 08:44:34 -07:00

.editorconfig

build: use https link to editorconfig.org in .editorconfig (#27664 )

2018-12-18 09:30:09 -08:00

.gitattributes

chore: force lf EOL for ts files (#11143 )

2016-08-29 12:41:58 -07:00

.gitignore

build: update and unify gitignore (#28316 )

2019-01-23 10:55:21 -08:00

.mailmap

build: add a Git .mailmap with my new name (#19550 )

2017-10-09 14:35:30 -07:00

.nvmrc

build: update .nvmrc file to correct node version (#25992 )

2018-09-18 13:11:58 -07:00

browser-providers.conf.js

build: remove travisci leftovers (#27979 )

2019-01-09 10:41:16 -08:00

BUILD.bazel

build: added comments after review (#27721 )

2019-02-22 13:07:08 -08:00

CHANGELOG.md

release: cut the v8.0.0-beta.5 release

2019-02-20 13:24:02 -08:00

CODE_OF_CONDUCT.md

docs: fix community tab in GitHub by copying CoC

2018-02-27 19:02:30 -08:00

CONTRIBUTING.md

build: remove travisci leftovers (#27979 )

2019-01-09 10:41:16 -08:00

gulpfile.js

build: gulp format only changed lines by default (#28411 )

2019-02-04 16:49:16 -05:00

index.bzl

style: format .bzl files with buildifier (#23544 )

2018-08-08 13:12:07 -07:00

karma-js.conf.js

build: added comments after review (#27721 )

2019-02-22 13:07:08 -08:00

LICENSE

build: bump year (#27880 )

2019-01-11 11:15:59 -08:00

package.json

build: update to latest bazel rules (#28931 )

2019-02-22 17:27:09 -08:00

protractor-perf.conf.js

build: remove legacy e2e tests job (#28645 )

2019-02-13 12:15:02 -08:00

README.md

docs: update link for CircleCI badge to point workflow

2019-02-07 14:14:59 -08:00

renovate.json

ci: add renovate configuration (#28121 )

2019-02-19 11:09:01 -08:00

shims_for_IE.js

Revert "refactor: add license header to JS files & format files (#12035 )"

2016-10-04 14:06:41 -07:00

test-events.js

fix(platform-browser): run BLACK_LISTED_EVENTS outside of ngZone (#18993 )

2017-09-05 15:33:22 -05:00

test-main.js

refactor(core): remove withBody from public testing API (#25171 )

2018-07-31 15:09:32 -07:00

tslint.json

build: remove unused rollup.config.js files (#28646 )

2019-02-14 19:28:08 +00:00

WORKSPACE

build: update to latest bazel rules (#28931 )

2019-02-22 17:27:09 -08:00

yarn.lock

build: update to latest bazel rules (#28931 )

2019-02-22 17:27:09 -08:00

yarn.lock.readme.md

build: remove travisci leftovers (#27979 )

2019-01-09 10:41:16 -08:00

README.md

Angular

Angular is a development platform for building mobile and desktop web applications using Typescript/JavaScript and other languages.

Quickstart

Get started in 5 minutes.

Changelog

Learn about the latest improvements.

Want to help?

Want to file a bug, contribute some code, or improve documentation? Excellent! Read up on our guidelines for contributing and then check out one of our issues in the hotlist: community-help.

Languages

TypeScript 68.6%

HTML 12.8%

JavaScript 8.4%

Pug 7%

Starlark 1.4%

Other 1.7%