angular.js

mirror of https://github.com/Hopiu/angular.js.git synced 2026-03-19 16:10:22 +00:00

History

Chirayu Krishnappa dae694739b feat(ngBindHtml, sce): combine ng-bind-html and ng-bind-html-unsafe Changes: - remove ng-bind-html-unsafe - ng-bind-html is now in core - ng-bind-html is secure - supports SCE - so you can bind to an arbitrary trusted string - automatic sanitization if $sanitize is available BREAKING CHANGE: ng-html-bind-unsafe has been removed and replaced by ng-html-bind (which has been removed from ngSanitize.) ng-bind-html provides ng-html-bind-unsafe like behavior (innerHTML's the result without sanitization) when bound to the result of $sce.trustAsHtml(string). When bound to a plain string, the string is sanitized via $sanitize before being innerHTML'd. If $sanitize isn't available, it's logs an exception.	2013-07-25 14:29:56 -07:00
..
filter	feat(linky): allow optional 'target' argument	2012-11-24 22:21:50 +01:00
sanitize.js	feat(ngBindHtml, sce): combine ng-bind-html and ng-bind-html-unsafe	2013-07-25 14:29:56 -07:00

Chirayu Krishnappa dae694739b feat(ngBindHtml, sce): combine ng-bind-html and ng-bind-html-unsafe

Changes:
- remove ng-bind-html-unsafe
- ng-bind-html is now in core
- ng-bind-html is secure
  - supports SCE - so you can bind to an arbitrary trusted string
  - automatic sanitization if $sanitize is available

BREAKING CHANGE:
  ng-html-bind-unsafe has been removed and replaced by ng-html-bind
  (which has been removed from ngSanitize.)  ng-bind-html provides
  ng-html-bind-unsafe like behavior (innerHTML's the result without
  sanitization) when bound to the result of $sce.trustAsHtml(string).
  When bound to a plain string, the string is sanitized via $sanitize
  before being innerHTML'd.  If $sanitize isn't available, it's logs an
  exception.

2013-07-25 14:29:56 -07:00

filter

feat(linky): allow optional 'target' argument

2012-11-24 22:21:50 +01:00

sanitize.js

feat(ngBindHtml, sce): combine ng-bind-html and ng-bind-html-unsafe

2013-07-25 14:29:56 -07:00