docs(security): security api doc update and fix stability marker for Type

modules/@angular/platform-browser/src/browser.ts

@@ -44,6 +44,9 @@ export const BROWSER_PLATFORM_PROVIDERS: Array<any /*Type | Provider | any[]*/>
 ];
 
 /**
+ * @security Replacing built-in sanitization providers exposes the application to XSS risks.
+ * Attacker-controlled data introduced by an unsanitized provider could expose your
+ * application to XSS risks. For more detail, see the [Security Guide](http://g.co/ng/security).
  * @experimental
  */
 export const BROWSER_SANITIZATION_PROVIDERS: Array<any> = [

modules/@angular/platform-browser/src/security/dom_sanitization_service.ts

@@ -83,6 +83,11 @@ export interface SafeResourceUrl extends SafeValue {}
  * does not start with a suspicious protocol, or an HTML snippet that does not contain dangerous
  * code. The sanitizer leaves safe values intact.
  *
+ * @security Calling any of the `bypassSecurityTrust...` APIs disables Angular's built-in
+ * sanitization for the value passed in. Carefully check and audit all values and code paths going
+ * into this call. Make sure any user data is appropriately escaped for this security context.
+ * For more detail, see the [Security Guide](http://g.co/ng/security).
+ *
  * @stable
  */
 export abstract class DomSanitizationService implements SanitizationService {
@@ -101,21 +106,24 @@ export abstract class DomSanitizationService implements SanitizationService {
    * is unsafe (e.g. contains `<script>` tags) and the code should be executed. The sanitizer will
    * leave safe HTML intact, so in most situations this method should not be used.
    *
-   * WARNING: calling this method with untrusted user data will cause severe security bugs!
+   * **WARNING:** calling this method with untrusted user data exposes your application to XSS
+   * security risks!
    */
   abstract bypassSecurityTrustHtml(value: string): SafeHtml;
 
   /**
    * Bypass security and trust the given value to be safe style value (CSS).
    *
-   * WARNING: calling this method with untrusted user data will cause severe security bugs!
+   * **WARNING:** calling this method with untrusted user data exposes your application to XSS
+   * security risks!
    */
   abstract bypassSecurityTrustStyle(value: string): SafeStyle;
 
   /**
    * Bypass security and trust the given value to be safe JavaScript.
    *
-   * WARNING: calling this method with untrusted user data will cause severe security bugs!
+   * **WARNING:** calling this method with untrusted user data exposes your application to XSS
+   * security risks!
    */
   abstract bypassSecurityTrustScript(value: string): SafeScript;
 
@@ -123,7 +131,8 @@ export abstract class DomSanitizationService implements SanitizationService {
    * Bypass security and trust the given value to be a safe style URL, i.e. a value that can be used
    * in hyperlinks or `<img src>`.
    *
-   * WARNING: calling this method with untrusted user data will cause severe security bugs!
+   * **WARNING:** calling this method with untrusted user data exposes your application to XSS
+   * security risks!
    */
   abstract bypassSecurityTrustUrl(value: string): SafeUrl;
 
@@ -131,7 +140,8 @@ export abstract class DomSanitizationService implements SanitizationService {
    * Bypass security and trust the given value to be a safe resource URL, i.e. a location that may
    * be used to load executable code from, like `<script src>`, or `<iframe src>`.
    *
-   * WARNING: calling this method with untrusted user data will cause severe security bugs!
+   * **WARNING:** calling this method with untrusted user data exposes your application to XSS
+   * security risks!
    */
   abstract bypassSecurityTrustResourceUrl(value: string): SafeResourceUrl;
 }