refactor(core): move sanitization into core (#22540)
This is in preparation of having Ivy have sanitization inline. PR Close #22540
This commit is contained in:
Miško Hevery
committed by
Kara Erickson
Kara Erickson
parent
065bcc5aad
commit
538f1d980f
34
packages/core/src/sanitization/security.ts
Normal file
34
packages/core/src/sanitization/security.ts
Normal file
@ -0,0 +1,34 @@
|
||||
/**
|
||||
* @license
|
||||
* Copyright Google Inc. All Rights Reserved.
|
||||
*
|
||||
* Use of this source code is governed by an MIT-style license that can be
|
||||
* found in the LICENSE file at https://angular.io/license
|
||||
*/
|
||||
|
||||
/**
|
||||
* A SecurityContext marks a location that has dangerous security implications, e.g. a DOM property
|
||||
* like `innerHTML` that could cause Cross Site Scripting (XSS) security bugs when improperly
|
||||
* handled.
|
||||
*
|
||||
* See DomSanitizer for more details on security in Angular applications.
|
||||
*
|
||||
* @stable
|
||||
*/
|
||||
export enum SecurityContext {
|
||||
NONE = 0,
|
||||
HTML = 1,
|
||||
STYLE = 2,
|
||||
SCRIPT = 3,
|
||||
URL = 4,
|
||||
RESOURCE_URL = 5,
|
||||
}
|
||||
|
||||
/**
|
||||
* Sanitizer is used by the views to sanitize potentially dangerous values.
|
||||
*
|
||||
* @stable
|
||||
*/
|
||||
export abstract class Sanitizer {
|
||||
abstract sanitize(context: SecurityContext, value: {}|string|null): string|null;
|
||||
}
|
||||
Reference in New Issue
Block a user