Hopiu/angular.js
1
0
Fork 0
mirror of https://github.com/Hopiu/angular.js.git synced 2026-03-16 23:30:23 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
angular.js/test
History
Misko Hevery 4fdab37659 create HTML sanitizer to allow inclusion of untrusted HTML in safe manner. 
Sanitization works in two phases:
 1) We parse the HTML into sax-like events (start, end, chars).
    HTML parsing is very complex, and so it may very well be that what
    most browser consider valid HTML may not pares properly here,
    but we do best effort. We treat this parser as untrusted.
 2) We have safe sanitizeWriter which treats its input (start, end, chars)
    as untrusted content and escapes everything. It only allows elements
    in the whitelist and only allows attributes which are whitelisted.
    Any attribute value must not start with 'javascript:'. This check
    is performed after escaping for entity (&xAB; etc..) and ignoring
    any whitespace.

 - Correct linky filter to use safeHtmlWriter
 - Correct html filter to use safeHtmlWriter

Close #33; Close #34
2010-10-26 13:41:07 -07:00
..
scenario Fix test which was causing the Chrome runner to fail. Upgraded JSTD to latest. Cleanup whitespace. 2010-10-23 13:12:45 -07:00
angular-mocks.js fixing reference issue in angular-mocks.js 2010-10-13 17:42:55 -07:00
AngularSpec.js create HTML sanitizer to allow inclusion of untrusted HTML in safe manner. 2010-10-26 13:41:07 -07:00
ApiSpecs.js adding an extra DateToUTC assertion 2010-10-16 21:31:23 -07:00
BinderTest.js fixed tests 2010-10-19 16:14:16 -07:00
BrowserSpecs.js Reworked the cookie synchronization between cookie service, $browser and document.cookie. 2010-09-27 15:10:05 -07:00
CompilerSpec.js Fixed issue where compiler would pass in detached text node if previous markup would have removed it. 2010-10-12 21:52:04 -07:00
ConsoleTest.js tests failing jstd to show cory 2010-04-08 13:43:40 -07:00
directivesSpec.js create HTML sanitizer to allow inclusion of untrusted HTML in safe manner. 2010-10-26 13:41:07 -07:00
FiltersSpec.js Add millisecond support for date filter 2010-10-25 10:44:03 -07:00
FormattersTest.js Updated JSTD 2010-10-15 11:58:55 -07:00
InjectorSpec.js Introduced injector and $new to scope, and injection into link methods and controllers 2010-10-12 16:33:06 -07:00
jquery_alias.js happy 2010-05-24 13:54:32 -07:00
jquery_remove.js happy 2010-05-24 13:54:32 -07:00
JsonSpec.js fixed negative numbers in Json 2010-10-20 07:22:15 -07:00
manual.html Workaround for http://bugs.jquery.com/ticket/7292 2010-10-22 22:46:51 -07:00
markupSpec.js fixed test for ng:src which fails on IE, since IE treats undefined src as url to the current page. 2010-09-21 10:37:12 +02:00
ParserSpec.js JSON parser is now strict (ie, expressions are not allowed for security) 2010-10-18 08:50:36 -07:00
ResourceSpec.js Introduced injector and $new to scope, and injection into link methods and controllers 2010-10-12 16:33:06 -07:00
sanitizerSpec.js create HTML sanitizer to allow inclusion of untrusted HTML in safe manner. 2010-10-26 13:41:07 -07:00
ScenarioSpec.js Introduced injector and $new to scope, and injection into link methods and controllers 2010-10-12 16:33:06 -07:00
ScopeSpec.js Introduced injector and $new to scope, and injection into link methods and controllers 2010-10-12 16:33:06 -07:00
servicesSpec.js $cookieStore should not be a global service 2010-10-23 14:22:30 -07:00
testabilityPatch.js create HTML sanitizer to allow inclusion of untrusted HTML in safe manner. 2010-10-26 13:41:07 -07:00
ValidatorsTest.js Introduced injector and $new to scope, and injection into link methods and controllers 2010-10-12 16:33:06 -07:00
widgetsSpec.js Fix for getting into recursive $eval on scope. Close #59 2010-10-23 13:42:11 -07:00