honeymoose/angular-cn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
angular-cn/packages
History
Bjarki 49197d12a0 feat(core): create a Trusted Types policy for bypass conversions (#39218) 
When an application uses a custom sanitizer or one of the
bypassSecurityTrust functions, Angular has no way of knowing whether
they are implemented in a secure way. (It doesn't even know if they're
introduced by the application or by a shady third-party dependency.)
Thus using Angular's main Trusted Types policy to bless values coming
from these two sources would undermine the security that Trusted Types
brings.

Instead, introduce a Trusted Types policy called angular#unsafe-bypass
specifically for blessing values from these sources. This allows an
application to enforce Trusted Types even if their application uses a
custom sanitizer or the bypassSecurityTrust functions, knowing that
compromises to either of these two sources may lead to arbitrary script
execution. In the future Angular will provide a way to implement
custom sanitizers in a manner that makes better use of Trusted Types.

PR Close #39218
2020-10-16 08:13:52 -07:00
..
animations
docs: remove IE10 references from comments in the code (#39090)
2020-10-13 15:51:49 -07:00
bazel
feat(core): remove ViewEncapsulation.Native (#38882)
2020-10-08 11:56:03 -07:00
benchpress
build: add wombot proxy for publish config for @angular/benchpress (#37752)
2020-06-25 17:08:18 -07:00
common
docs: remove IE10 references from comments in the code (#39090)
2020-10-13 15:51:49 -07:00
compiler
fix(compiler): use Trusted Types policy in JIT compiler (#39210)
2020-10-16 08:13:14 -07:00
compiler-cli
fix(ngcc): ensure that "inline exports" can be interpreted correctly (#39267)
2020-10-14 14:11:45 -07:00
core
feat(core): create a Trusted Types policy for bypass conversions (#39218)
2020-10-16 08:13:52 -07:00
docs
docs(di): fix typo in advanced di doc (#36634)
2020-05-01 09:50:28 -07:00
elements
refactor(elements): simplify code after IE<11 support removal (#39265)
2020-10-14 14:11:22 -07:00
examples
docs: remove explicit boolean type in examples as TS infers it automatically (#39081)
2020-10-06 08:39:01 -07:00
forms
fix(forms): improve types of directive constructor arguments (#38944)
2020-10-06 10:14:21 -07:00
language-service
refactor(language-service): Return directive defs when input name is part of selector (#39243)
2020-10-15 14:17:24 -07:00
localize
build: upgrade angular build, integration/bazel and @angular/bazel package to rule_nodejs 2.2.0 (#39182)
2020-10-08 11:54:59 -07:00
misc/angular-in-memory-web-api
feat(core): update reference and doc to change async to waitAsync. (#37583)
2020-08-03 12:54:13 -07:00
platform-browser
refactor(core): make HTML sanitizer return TrustedHTML (#39218)
2020-10-16 08:13:52 -07:00
platform-browser-dynamic
feat(core): update reference and doc to change async to waitAsync. (#37583)
2020-08-03 12:54:13 -07:00
platform-server
feat(core): remove ViewEncapsulation.Native (#38882)
2020-10-08 11:56:03 -07:00
private/testing
build: update license headers to reference Google LLC (#37205)
2020-05-26 14:26:58 -04:00
router
feat(router): add new initialNavigation options to replace legacy (#37480)
2020-10-14 11:20:51 -07:00
service-worker
feat(service-worker): add the option to prefer network for navigation requests (#38565)
2020-09-22 09:29:20 -07:00
upgrade
docs: remove IE10 references from comments in the code (#39090)
2020-10-13 15:51:49 -07:00
zone.js
build(zone.js): zone.js should output esm format for fesm2015 bundles (#39203)
2020-10-15 09:07:38 -07:00
BUILD.bazel
build: replace @types/trusted-types dep with minimal type defs (#39211)
2020-10-15 09:08:00 -07:00
circular-deps-test.conf.js
fix(platform-webworker): remove platform-webworker and platform-webworker-dynamic (#38846)
2020-09-30 09:13:59 -04:00
empty.ts
build: update license headers to reference Google LLC (#37205)
2020-05-26 14:26:58 -04:00
goog.d.ts
build: update license headers to reference Google LLC (#37205)
2020-05-26 14:26:58 -04:00
license-banner.txt
build: bump year (#34651)
2020-01-13 07:21:43 -08:00
README.md
docs: add doc reference to npm package readme (#33911)
2019-11-20 14:46:23 -08:00
system.d.ts
build: update license headers to reference Google LLC (#37205)
2020-05-26 14:26:58 -04:00
tsconfig-build-no-strict.json
refactor(core): ensure compatibility with typescript strict flag (#30993)
2019-07-18 14:21:25 -07:00
tsconfig-build.json
refactor(core): ensure compatibility with typescript strict flag (#30993)
2019-07-18 14:21:25 -07:00
tsconfig-test.json
refactor: fix typescript strict flag failures in all tests (#30993)
2019-07-18 14:21:26 -07:00
tsconfig.json
fix(platform-webworker): remove platform-webworker and platform-webworker-dynamic (#38846)
2020-09-30 09:13:59 -04:00
types.d.ts
build: replace @types/trusted-types dep with minimal type defs (#39211)
2020-10-15 09:08:00 -07:00

README.md

Angular

The sources for this package are in the main Angular repo. Please file issues and pull requests against that repo.

Usage information and reference details can be found in Angular documentation.

License: MIT