Hopiu/angular.js
1
0
Fork 0
mirror of https://github.com/Hopiu/angular.js.git synced 2026-05-14 01:33:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(ngSanitize): sanitizer should not accept <!--> as a valid comment

Browse source 
According to http://validator.w3.org/ , <!--> is not a valid comment
and neither is any comment containing the -- substring.
This commit is contained in:
R. Merkert 2013-08-17 19:09:28 -04:00 committed by Vojta Jina
parent bf512bb8ee
commit 21e9e8cf68
2 changed files with 36 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/ngSanitize/sanitize.js
View file

@ -210,9 +210,10 @@ function htmlParser( html, handler ) {
// Comment // Comment
if ( html.indexOf("<!--") === 0 ) { if ( html.indexOf("<!--") === 0 ) {
index = html.indexOf("-->"); // comments containing -- are not allowed unless they terminate the comment
index = html.indexOf("--", 4);
if ( index >= 0 ) { if ( index >= 0 && html.lastIndexOf("-->", index) === index) {
if (handler.comment) handler.comment( html.substring( 4, index ) ); if (handler.comment) handler.comment( html.substring( 4, index ) );
html = html.substring( index + 3 ); html = html.substring( index + 3 );
chars = false; chars = false;

34
test/ngSanitize/sanitizeSpec.js
View file

@ -15,7 +15,7 @@ describe('HTML', function() {
describe('htmlParser', function() { describe('htmlParser', function() {
if (angular.isUndefined(window.htmlParser)) return; if (angular.isUndefined(window.htmlParser)) return;
var handler, start, text; var handler, start, text, comment;
beforeEach(function() { beforeEach(function() {
handler = { handler = {
start: function(tag, attrs, unary){ start: function(tag, attrs, unary){
@ -35,10 +35,42 @@ describe('HTML', function() {
}, },
end:function(tag) { end:function(tag) {
expect(tag).toEqual(start.tag); expect(tag).toEqual(start.tag);
},
comment:function(comment_) {
comment = comment_;
} }
}; };
}); });
it('should parse comments', function() {
htmlParser('<!--FOOBAR-->', handler);
expect(comment).toEqual('FOOBAR');
});
it('should throw an exception for invalid comments', function() {
var caught=false;
try {
htmlParser('<!-->', handler);
}
catch (ex) {
caught = true;
// expected an exception due to a bad parse
}
expect(caught).toBe(true);
});
it('double-dashes are not allowed in a comment', function() {
var caught=false;
try {
htmlParser('<!-- -- -->', handler);
}
catch (ex) {
caught = true;
// expected an exception due to a bad parse
}
expect(caught).toBe(true);
});
it('should parse basic format', function() { it('should parse basic format', function() {
htmlParser('<tag attr="value">text</tag>', handler); htmlParser('<tag attr="value">text</tag>', handler);
expect(start).toEqual({tag:'tag', attrs:{attr:'value'}, unary:false}); expect(start).toEqual({tag:'tag', attrs:{attr:'value'}, unary:false});