docs(security): mark the various DomAdapters as unsafe. (#10868)

Part of #8511.
2016-08-17 13:42:18 -07:00
parent 4829fbb95c
commit 3009be8d6e
4 changed files with 15 additions and 0 deletions
--- a/modules/@angular/platform-browser/src/dom/dom_adapter.ts
+++ b/modules/@angular/platform-browser/src/dom/dom_adapter.ts
@ -29,6 +29,9 @@ export function setRootDomAdapter(adapter: DomAdapter) {
 /* tslint:disable:requireParameterType */
 /**
 * Provides DOM operations in an environment-agnostic way.
+ *
+ * @security Tread carefully! Interacting with the DOM directly is dangerous and
+ * can introduce XSS risks.
 */
 export abstract class DomAdapter {
  public resourceLoaderType: Type<any> = null;