iSharkFly-Docs/angular-docs-cn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
angular-docs-cn/packages/platform-browser/src
History
Peter Bacon Darwin a751649c8d fix(core): use appropriate inert document strategy for Firefox & Safari (#17019) 
Both Firefox and Safari are vulnerable to XSS if we use an inert document
created via `document.implementation.createHTMLDocument()`.

Now we check for those vulnerabilities and then use a DOMParser or XHR
strategy if needed.

Further the platform-server has its own library for parsing HTML, so we
sniff for that (by checking whether DOMParser exists) and fall back to
the standard strategy.

Thanks to @cure53 for the heads up on this issue.

PR Close #17019
2018-02-08 08:55:15 -08:00
..
browser
Revert "refactor(core): Removed readonly getters and changed to readonly (#19225)"
2017-09-28 13:36:44 -07:00
dom
Revert "fix(core): should use native addEventListener in ngZone (#20672)"
2017-11-29 14:56:29 -06:00
security
fix(core): use appropriate inert document strategy for Firefox & Safari (#17019)
2018-02-08 08:55:15 -08:00
browser.ts
perf: switch angular to use StaticInjector instead of ReflectiveInjector
2017-08-07 15:42:34 -07:00
platform-browser.externs.js
fix: create proper externs so that closure does not clobber e.g. ng for internal variables (#19423)
2017-09-26 15:02:33 -07:00
platform-browser.ts
feat(platform-server): add an API to transfer state from server (#19134)
2017-09-21 13:56:13 -07:00
private_export.ts
feat(platform-server): add an API to transfer state from server (#19134)
2017-09-21 13:56:13 -07:00
version.ts
refactor: move angular source to /packages rather than modules/@angular
2017-03-08 16:29:27 -08:00