angular/packages/common
Alan Agius 05fe6686a9 fix(http): prevent XSRF token leakage to protocol-relative URLs
The XSRF interceptor previously failed to detect protocol-relative URLs (starting with `//`) as absolute URLs. This allowed requests to such URLs to include the XSRF token, potentially leaking it to external domains.

This change updates the interceptor to correctly identify protocol-relative URLs as absolute and exclude them from receiving the XSRF token.
2025-11-25 13:57:28 -05:00
..
http fix(http): prevent XSRF token leakage to protocol-relative URLs 2025-11-25 13:57:28 -05:00
locales build: update common's locales to use rules_js (#61630) 2025-05-26 10:18:48 +00:00
src docs: rename @nodoc to @docs-private (#61196) 2025-05-13 17:15:37 -07:00
test build: move private testing helpers outside platform-browser/testing (#61571) 2025-05-21 16:04:42 +00:00
testing build: migrate common to use rules_js based toolchain (#61434) 2025-05-20 15:08:43 +00:00
upgrade build: migrate common to use rules_js based toolchain (#61434) 2025-05-20 15:08:43 +00:00
BUILD.bazel build: migrate common to use rules_js based toolchain (#61434) 2025-05-20 15:08:43 +00:00
index.ts refactor: update license text to point to angular.dev (#57901) 2024-09-24 15:33:00 +02:00
package.json build: update common's locales to use rules_js (#61630) 2025-05-26 10:18:48 +00:00
PACKAGE.md docs: add api doc to sub-packages (#33801) 2019-11-20 14:48:50 -08:00
public_api.ts refactor: update license text to point to angular.dev (#57901) 2024-09-24 15:33:00 +02:00