refactor(): use const and let instead of var

modules/@angular/platform-browser/test/security/html_sanitizer_spec.ts

@@ -74,12 +74,12 @@ export function main() {
           .toEqual('<p alt="% &amp; &#34; !">Hello</p>');  // NB: quote encoded as ASCII &#34;.
     });
     t.describe('should strip dangerous elements', () => {
-      let dangerousTags = [
+      const dangerousTags = [
         'frameset', 'form', 'param', 'object', 'embed', 'textarea', 'input', 'button', 'option',
         'select', 'script', 'style', 'link', 'base', 'basefont'
       ];
 
-      for (let tag of dangerousTags) {
+      for (const tag of dangerousTags) {
         t.it(
             `${tag}`, () => { t.expect(sanitizeHtml(`<${tag}>evil!</${tag}>`)).toEqual('evil!'); });
       }
@@ -88,9 +88,9 @@ export function main() {
       });
     });
     t.describe('should strip dangerous attributes', () => {
-      let dangerousAttrs = ['id', 'name', 'style'];
+      const dangerousAttrs = ['id', 'name', 'style'];
 
-      for (let attr of dangerousAttrs) {
+      for (const attr of dangerousAttrs) {
         t.it(`${attr}`, () => {
           t.expect(sanitizeHtml(`<a ${attr}="x">evil!</a>`)).toEqual('<a>evil!</a>');
         });

modules/@angular/platform-browser/test/security/url_sanitizer_spec.ts

@@ -48,7 +48,7 @@ export function main() {
         'data:video/webm;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/',
         'data:audio/opus;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/',
       ];
-      for (let url of validUrls) {
+      for (const url of validUrls) {
         t.it(`valid ${url}`, () => t.expect(sanitizeUrl(url)).toEqual(url));
       }
     });
@@ -72,7 +72,7 @@ export function main() {
         'data:text/javascript;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/',
         'data:application/x-msdownload;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/',
       ];
-      for (let url of invalidUrls) {
+      for (const url of invalidUrls) {
         t.it(`valid ${url}`, () => t.expect(sanitizeUrl(url)).toMatch(/^unsafe:/));
       }
     });
@@ -99,7 +99,7 @@ export function main() {
         'http://angular.io/images/test.png?maxage, http://angular.io/images/test.png?maxage',
         'http://angular.io/images/test.png?maxage=234, http://angular.io/images/test.png?maxage=234',
       ];
-      for (let srcset of validSrcsets) {
+      for (const srcset of validSrcsets) {
         t.it(`valid ${srcset}`, () => t.expect(sanitizeSrcset(srcset)).toEqual(srcset));
       }
     });
@@ -109,7 +109,7 @@ export function main() {
         'ht:tp://angular.io/images/test.png',
         'http://angular.io/images/test.png, ht:tp://angular.io/images/test.png',
       ];
-      for (let srcset of invalidSrcsets) {
+      for (const srcset of invalidSrcsets) {
         t.it(`valid ${srcset}`, () => t.expect(sanitizeSrcset(srcset)).toMatch(/unsafe:/));
       }
     });