History

Bjarki 81aa119739 fix(core): convert legacy-sanitized values to Trusted Types (#39218 )

Use the bypass-specific Trusted Types policy for automatically upgrade
any values from custom sanitizers or the bypassSecurityTrust functions
to a Trusted Type. Update tests to reflect the new behavior.

PR Close #39218

2020-10-16 08:13:52 -07:00

bypass.ts

build: update license headers to reference Google LLC (#37205 )

2020-05-26 14:26:58 -04:00

html_sanitizer.ts

refactor(core): make HTML sanitizer return TrustedHTML (#39218 )

2020-10-16 08:13:52 -07:00

inert_body.ts

docs: remove IE10 references from comments in the code (#39090 )

2020-10-13 15:51:49 -07:00

readme.md

refactor(core): move sanitization into core (#22540 )

2018-03-07 18:24:06 -08:00

sanitization.ts

fix(core): convert legacy-sanitized values to Trusted Types (#39218 )

2020-10-16 08:13:52 -07:00

sanitizer.ts

build: update license headers to reference Google LLC (#37205 )

2020-05-26 14:26:58 -04:00

security.ts

build: update license headers to reference Google LLC (#37205 )

2020-05-26 14:26:58 -04:00

url_sanitizer.ts

feat(platform-browser): Allow sms-URLs (#31463 )

2020-06-26 11:12:32 -07:00

readme.md

Sanitization

This folder contains sanitization related code.

History

It used to be that sanitization related code used to be in @angular/platform-browser since it is platform related. While this is true, in practice the compiler schema is permanently tied to the DOM and hence the fact that sanitizer could in theory be replaced is not used in practice.

In order to better support tree shaking we need to be able to refer to the sanitization functions from the Ivy code. For this reason the code has been moved into the @angular/core.