cargdev/angular
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,456 Commits 56 Branches 477 Tags
Commit Graph

7 Commits

Author SHA1 Message Date
Peter Bacon Darwin
2c5cf19c6d fix(core): use appropriate inert document strategy for Firefox & Safari (#22077) 
Both Firefox and Safari are vulnerable to XSS if we use an inert document
created via `document.implementation.createHTMLDocument()`.

Now we check for those vulnerabilities and then use a DOMParser or XHR
strategy if needed.

Further the platform-server has its own library for parsing HTML, so we
sniff for that (by checking whether DOMParser exists) and fall back to
the standard strategy.

Thanks to @cure53 for the heads up on this issue.
 2018-02-13 10:05:14 -08:00
Victor Berchet
baf4ce0dd0 build: enable TSLint on the packages folder (#18459) 
porting PRs #18392 and #18441 to 4.x
 2017-08-02 15:23:33 -07:00
Miško Hevery
728c9d0632 fix(platform-browser): Update types for TypeScript nullability support 
Closes #15898
 2017-04-18 12:07:33 -07:00
Victor Berchet
a4076c70cc fix(platform-browser): prevent clobbered elements from freezing the browser 
see
4f69d38f09
 2017-03-16 10:16:39 -07:00
Victor Berchet
52bbc9baf4 refactor(platform-browser): cleanup HtmlSanitizer specs 2017-03-16 10:16:39 -07:00
Jason Aden
8573e36574 build: fix file paths after moving modules/@angular/* to packages/* 2017-03-08 16:29:28 -08:00
Jason Aden
3e51a19983 refactor: move angular source to /packages rather than modules/@angular 2017-03-08 16:29:27 -08:00