Bjarki 6e18d2dacc fix(compiler): promote constants in templates to Trusted Types (#39211) ...

Angular treats constant values of attributes and properties in templates
as secure. This means that these values are not sanitized, and are
instead passed directly to the corresponding setAttribute or setProperty
function. In cases where the given attribute or property is
security-sensitive, this causes a Trusted Types violation.

To address this, functions for promoting constant strings to each of the
three Trusted Types are introduced to Angular's private codegen API. The
compiler is updated to wrap constant strings with calls to these
functions as appropriate when constructing the `consts` array. This is
only done for security-sensitive attributes and properties, as
classified by Angular's dom_security_schema.

PR Close #39211

2020-10-15 09:08:01 -07:00

..

design

docs: fix typo in architecture.md guide (#38853)

2020-09-16 15:19:43 -07:00

src

fix(compiler): promote constants in templates to Trusted Types (#39211)

2020-10-15 09:08:01 -07:00

test

fix(compiler): incorrectly encapsulating @import containing colons and semicolons (#38716)

2020-10-09 08:33:04 -07:00

testing

build: update license headers to reference Google LLC (#37205)

2020-05-26 14:26:58 -04:00

BUILD.bazel

build: add npm_integration_test && angular_integration_test (#33927)

2020-02-24 08:59:18 -08:00

compiler.ts

build: update license headers to reference Google LLC (#37205)

2020-05-26 14:26:58 -04:00

index.ts

build: update license headers to reference Google LLC (#37205)

2020-05-26 14:26:58 -04:00

package.json

Revert "build: remove wombot proxy registry from package.jsons for release (#37378)" (#37495)

2020-06-10 08:21:45 -07:00

public_api.ts

build: update license headers to reference Google LLC (#37205)

2020-05-26 14:26:58 -04:00