mirror of
https://github.com/angular/angular
synced 2026-05-24 09:28:37 +00:00
Revert "refactor(core): Add ngDevMode guards and new sanitization error codes"
This reverts commit4e7e38c591. (cherry picked from commit1765ebe79b)
This commit is contained in:
parent
d370c4ba44
commit
f8b6a3fed1
5 changed files with 7 additions and 29 deletions
|
|
@ -58,10 +58,6 @@ export const enum RuntimeErrorCode {
|
|||
// (undocumented)
|
||||
HOST_DIRECTIVE_UNRESOLVABLE = 307,
|
||||
// (undocumented)
|
||||
HTML_SANITIZATION_CLOBBERED = 921,
|
||||
// (undocumented)
|
||||
HTML_SANITIZATION_UNSTABLE = 920,
|
||||
// (undocumented)
|
||||
HYDRATION_MISSING_NODE = -502,
|
||||
// (undocumented)
|
||||
HYDRATION_MISSING_SIBLINGS = -501,
|
||||
|
|
@ -176,8 +172,6 @@ export const enum RuntimeErrorCode {
|
|||
// (undocumented)
|
||||
RUNTIME_DEPS_ORPHAN_COMPONENT = 981,
|
||||
// (undocumented)
|
||||
SANITIZATION_BYPASS_TYPE_MISMATCH = 922,
|
||||
// (undocumented)
|
||||
SIGNAL_WRITE_FROM_ILLEGAL_CONTEXT = 600,
|
||||
// (undocumented)
|
||||
TEMPLATE_STRUCTURE_ERROR = 305,
|
||||
|
|
|
|||
|
|
@ -135,9 +135,6 @@ export const enum RuntimeErrorCode {
|
|||
NO_COMPONENT_FACTORY_FOUND = 917,
|
||||
EXTERNAL_RESOURCE_LOADING_FAILED = 918,
|
||||
DEF_TYPE_UNDEFINED = -919,
|
||||
HTML_SANITIZATION_UNSTABLE = 920,
|
||||
HTML_SANITIZATION_CLOBBERED = 921,
|
||||
SANITIZATION_BYPASS_TYPE_MISMATCH = 922,
|
||||
|
||||
// Signal integration errors
|
||||
REQUIRED_INPUT_NO_VALUE = -950,
|
||||
|
|
|
|||
|
|
@ -7,7 +7,6 @@
|
|||
*/
|
||||
|
||||
import {XSS_SECURITY_URL} from '../error_details_base_url';
|
||||
import {RuntimeError, RuntimeErrorCode} from '../errors';
|
||||
|
||||
export const enum BypassType {
|
||||
Url = 'URL',
|
||||
|
|
@ -129,10 +128,7 @@ export function allowSanitizationBypassAndThrow(value: any, type: BypassType): b
|
|||
if (actualType != null && actualType !== type) {
|
||||
// Allow ResourceURLs in URL contexts, they are strictly more trusted.
|
||||
if (actualType === BypassType.ResourceUrl && type === BypassType.Url) return true;
|
||||
throw new RuntimeError(
|
||||
RuntimeErrorCode.SANITIZATION_BYPASS_TYPE_MISMATCH,
|
||||
ngDevMode && `Required a safe ${type}, got a ${actualType} (see ${XSS_SECURITY_URL})`,
|
||||
);
|
||||
throw new Error(`Required a safe ${type}, got a ${actualType} (see ${XSS_SECURITY_URL})`);
|
||||
}
|
||||
return actualType === type;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,7 +7,6 @@
|
|||
*/
|
||||
|
||||
import {XSS_SECURITY_URL} from '../error_details_base_url';
|
||||
import {RuntimeError, RuntimeErrorCode} from '../errors';
|
||||
import {TrustedHTML} from '../util/security/trusted_type_defs';
|
||||
import {trustedHTMLFromString} from '../util/security/trusted_types';
|
||||
|
||||
|
|
@ -263,10 +262,8 @@ export function getNodeName(node: Node): string {
|
|||
}
|
||||
|
||||
function clobberedElementError(node: Node) {
|
||||
return new RuntimeError(
|
||||
RuntimeErrorCode.HTML_SANITIZATION_CLOBBERED,
|
||||
ngDevMode &&
|
||||
`Failed to sanitize html because the element is clobbered: ${(node as Element).outerHTML}`,
|
||||
return new Error(
|
||||
`Failed to sanitize html because the element is clobbered: ${(node as Element).outerHTML}`,
|
||||
);
|
||||
}
|
||||
|
||||
|
|
@ -317,10 +314,7 @@ export function _sanitizeHtml(defaultDoc: any, unsafeHtmlInput: string): Trusted
|
|||
|
||||
do {
|
||||
if (mXSSAttempts === 0) {
|
||||
throw new RuntimeError(
|
||||
RuntimeErrorCode.HTML_SANITIZATION_UNSTABLE,
|
||||
ngDevMode && 'Failed to sanitize html because the input is unstable',
|
||||
);
|
||||
throw new Error('Failed to sanitize html because the input is unstable');
|
||||
}
|
||||
mXSSAttempts--;
|
||||
|
||||
|
|
|
|||
|
|
@ -254,12 +254,9 @@ describe('HTML sanitizer', () => {
|
|||
// depending on a platform.
|
||||
if (isBrowser) {
|
||||
// Running in a real browser
|
||||
expect(nextSibling).toThrowError(
|
||||
/Failed to sanitize html because the element is clobbered: <input name="nextSibling" form="a">/,
|
||||
);
|
||||
expect(firstChild).toThrowError(
|
||||
/Failed to sanitize html because the element is clobbered: <object form="a" id="firstChild"><\/object>/,
|
||||
);
|
||||
const errorMsg = 'Failed to sanitize html because the element is clobbered: ';
|
||||
expect(nextSibling).toThrowError(`${errorMsg}<input name="nextSibling" form="a">`);
|
||||
expect(firstChild).toThrowError(`${errorMsg}<object form="a" id="firstChild"></object>`);
|
||||
} else {
|
||||
// Running in Node, using Domino DOM emulation
|
||||
expect(nextSibling()).toBe('A');
|
||||
|
|
|
|||
Loading…
Reference in a new issue