iSharkFly-Docs
/
angular-docs-cn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs(security): mark the various DomAdapters as unsafe. (#10868) 

Part of #8511.
This commit is contained in:
Martin Probst 2016-08-17 13:42:18 -07:00 committed by Kara
parent 4829fbb95c
commit 3009be8d6e
4 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
modules/@angular/platform-browser/src/browser/browser_adapter.ts
View File

@ -64,6 +64,9 @@ var _chromeNumKeyPadMap = {
/** /**
* A `DomAdapter` powered by full browser DOM APIs. * A `DomAdapter` powered by full browser DOM APIs.
*
* @security Tread carefully! Interacting with the DOM directly is dangerous and
* can introduce XSS risks.
*/ */
/* tslint:disable:requireParameterType */ /* tslint:disable:requireParameterType */
export class BrowserDomAdapter extends GenericBrowserDomAdapter { export class BrowserDomAdapter extends GenericBrowserDomAdapter {

3
modules/@angular/platform-browser/src/browser/generic_browser_adapter.ts
View File

@ -14,6 +14,9 @@ import {isFunction, isPresent} from '../facade/lang';
/** /**
* Provides DOM operations in any browser environment. * Provides DOM operations in any browser environment.
*
* @security Tread carefully! Interacting with the DOM directly is dangerous and
* can introduce XSS risks.
*/ */
export abstract class GenericBrowserDomAdapter extends DomAdapter { export abstract class GenericBrowserDomAdapter extends DomAdapter {
private _animationPrefix: string = null; private _animationPrefix: string = null;

3
modules/@angular/platform-browser/src/dom/dom_adapter.ts
View File

@ -29,6 +29,9 @@ export function setRootDomAdapter(adapter: DomAdapter) {
/* tslint:disable:requireParameterType */ /* tslint:disable:requireParameterType */
/** /**
* Provides DOM operations in an environment-agnostic way. * Provides DOM operations in an environment-agnostic way.
*
* @security Tread carefully! Interacting with the DOM directly is dangerous and
* can introduce XSS risks.
*/ */
export abstract class DomAdapter { export abstract class DomAdapter {
public resourceLoaderType: Type<any> = null; public resourceLoaderType: Type<any> = null;

6
modules/@angular/platform-server/src/parse5_adapter.ts
View File

@ -35,6 +35,12 @@ function _notImplemented(methodName: any /** TODO #9100 */) {
} }
/* tslint:disable:requireParameterType */ /* tslint:disable:requireParameterType */
/**
* A `DomAdapter` powered by the `parse5` NodeJS module.
*
* @security Tread carefully! Interacting with the DOM directly is dangerous and
* can introduce XSS risks.
*/
export class Parse5DomAdapter extends DomAdapter { export class Parse5DomAdapter extends DomAdapter {
static makeCurrent() { static makeCurrent() {
parser = new parse5.Parser(parse5.TreeAdapters.htmlparser2); parser = new parse5.Parser(parse5.TreeAdapters.htmlparser2);