Go to file
George Kalpakas 262ba67525 fix(core): traverse and sanitize content of unsafe elements (#28804)
In the past, the sanitizer would remove unsafe elements, but still
traverse and sanitize (and potentially preserve) their content. This was
problematic in the case of `<style></style>` tags, whose content would
be converted to HTML text nodes.

In order to fix this, the sanitizer's behavior was changed in #25879 to
ignore the content of _all_ unsafe elements. While this fixed the
problem with `<style></style>` tags, it unnecessarily removed the
contents for _any_ unsafe element. This was an unneeded breaking change.

This commit partially restores the old sanitizer behavior (namely
traversing content of unsafe elements), but introduces a list of
elements whose content should not be traversed if the elements
themselves are considered unsafe. Currently, this list contains `style`,
`script` and `template`.

Related to #25879 and #26007.

Fixes #28427

PR Close #28804
2019-02-26 13:32:09 -08:00
.buildkite ci: update buildkite provision instructions (#28273) 2019-02-07 12:36:27 -08:00
.circleci ci: add bazel_repository_cache to CircleCI workspace (#28935) 2019-02-25 08:14:49 -08:00
.github ci: exclude **/third_party/** from google3 check (#28870) 2019-02-20 09:17:20 -08:00
.vscode build: show no warning for large git repos (#28055) 2019-02-12 20:58:27 -08:00
aio docs: add ivy opt-in docs (#28569) 2019-02-26 08:42:47 -08:00
docs build: update to rules_typescript 0.25.1 (#28625) 2019-02-21 07:46:21 -08:00
integration fix(ivy): static host classes and styles should work on root component (#28926) 2019-02-26 13:29:36 -08:00
modules build: update to rules_typescript 0.25.1 (#28625) 2019-02-21 07:46:21 -08:00
packages fix(core): traverse and sanitize content of unsafe elements (#28804) 2019-02-26 13:32:09 -08:00
scripts build(bazel): run a number of web tests with karma_web_test in saucelabs in CircleCI (#27721) 2019-02-22 13:07:08 -08:00
third_party build: use vendored yarn under Bazel (#28839) 2019-02-20 09:19:03 -08:00
tools fix(ivy): static host classes and styles should work on root component (#28926) 2019-02-26 13:29:36 -08:00
.bazelignore ci: share data between jobs using workspaces (#28928) 2019-02-22 13:24:11 -08:00
.bazelrc build(bazel): run a number of web tests with karma_web_test in saucelabs in CircleCI (#27721) 2019-02-22 13:07:08 -08:00
.clang-format feat(tooling): Add a .clang-format for automated JavaScript formatting. 2015-04-02 08:44:34 -07:00
.editorconfig build: use https link to editorconfig.org in .editorconfig (#27664) 2018-12-18 09:30:09 -08:00
.gitattributes chore: force lf EOL for ts files (#11143) 2016-08-29 12:41:58 -07:00
.gitignore build: update and unify gitignore (#28316) 2019-01-23 10:55:21 -08:00
.mailmap build: add a Git .mailmap with my new name (#19550) 2017-10-09 14:35:30 -07:00
.nvmrc build: update .nvmrc file to correct node version (#25992) 2018-09-18 13:11:58 -07:00
BUILD.bazel build: added comments after review (#27721) 2019-02-22 13:07:08 -08:00
CHANGELOG.md release: cut the v8.0.0-beta.5 release 2019-02-20 13:24:02 -08:00
CODE_OF_CONDUCT.md docs: fix community tab in GitHub by copying CoC 2018-02-27 19:02:30 -08:00
CONTRIBUTING.md build: remove travisci leftovers (#27979) 2019-01-09 10:41:16 -08:00
LICENSE build: bump year (#27880) 2019-01-11 11:15:59 -08:00
README.md docs: update link for CircleCI badge to point workflow 2019-02-07 14:14:59 -08:00
WORKSPACE build: update to latest bazel rules (#28931) 2019-02-22 17:27:09 -08:00
browser-providers.conf.js build: remove travisci leftovers (#27979) 2019-01-09 10:41:16 -08:00
gulpfile.js build: `gulp format` only changed lines by default (#28411) 2019-02-04 16:49:16 -05:00
index.bzl style: format .bzl files with buildifier (#23544) 2018-08-08 13:12:07 -07:00
karma-js.conf.js build: added comments after review (#27721) 2019-02-22 13:07:08 -08:00
package.json build: update to latest bazel rules (#28931) 2019-02-22 17:27:09 -08:00
protractor-perf.conf.js build: remove legacy e2e tests job (#28645) 2019-02-13 12:15:02 -08:00
renovate.json ci: add renovate configuration (#28121) 2019-02-19 11:09:01 -08:00
shims_for_IE.js Revert "refactor: add license header to JS files & format files (#12035)" 2016-10-04 14:06:41 -07:00
test-events.js fix(platform-browser): run BLACK_LISTED_EVENTS outside of ngZone (#18993) 2017-09-05 15:33:22 -05:00
test-main.js refactor(core): remove withBody from public testing API (#25171) 2018-07-31 15:09:32 -07:00
tslint.json build: remove unused rollup.config.js files (#28646) 2019-02-14 19:28:08 +00:00
yarn.lock build: update to latest bazel rules (#28931) 2019-02-22 17:27:09 -08:00
yarn.lock.readme.md build: remove travisci leftovers (#27979) 2019-01-09 10:41:16 -08:00

README.md

CircleCI BrowserStack Status Join the chat at https://gitter.im/angular/angular npm version

Angular

Angular is a development platform for building mobile and desktop web applications using Typescript/JavaScript and other languages.

Quickstart

Get started in 5 minutes.

Changelog

Learn about the latest improvements.

Want to help?

Want to file a bug, contribute some code, or improve documentation? Excellent! Read up on our guidelines for contributing and then check out one of our issues in the hotlist: community-help.