262ba67525
In the past, the sanitizer would remove unsafe elements, but still traverse and sanitize (and potentially preserve) their content. This was problematic in the case of `<style></style>` tags, whose content would be converted to HTML text nodes. In order to fix this, the sanitizer's behavior was changed in #25879 to ignore the content of _all_ unsafe elements. While this fixed the problem with `<style></style>` tags, it unnecessarily removed the contents for _any_ unsafe element. This was an unneeded breaking change. This commit partially restores the old sanitizer behavior (namely traversing content of unsafe elements), but introduces a list of elements whose content should not be traversed if the elements themselves are considered unsafe. Currently, this list contains `style`, `script` and `template`. Related to #25879 and #26007. Fixes #28427 PR Close #28804 |
||
---|---|---|
.buildkite | ||
.circleci | ||
.github | ||
.vscode | ||
aio | ||
docs | ||
integration | ||
modules | ||
packages | ||
scripts | ||
third_party | ||
tools | ||
.bazelignore | ||
.bazelrc | ||
.clang-format | ||
.editorconfig | ||
.gitattributes | ||
.gitignore | ||
.mailmap | ||
.nvmrc | ||
BUILD.bazel | ||
CHANGELOG.md | ||
CODE_OF_CONDUCT.md | ||
CONTRIBUTING.md | ||
LICENSE | ||
README.md | ||
WORKSPACE | ||
browser-providers.conf.js | ||
gulpfile.js | ||
index.bzl | ||
karma-js.conf.js | ||
package.json | ||
protractor-perf.conf.js | ||
renovate.json | ||
shims_for_IE.js | ||
test-events.js | ||
test-main.js | ||
tslint.json | ||
yarn.lock | ||
yarn.lock.readme.md |
README.md
Angular
Angular is a development platform for building mobile and desktop web applications using Typescript/JavaScript and other languages.
Quickstart
Changelog
Learn about the latest improvements.
Want to help?
Want to file a bug, contribute some code, or improve documentation? Excellent! Read up on our guidelines for contributing and then check out one of our issues in the hotlist: community-help.