Elgato_dark/angular
1
0
Fork 0
mirror of https://github.com/angular/angular synced 2026-05-24 09:28:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
angular/packages/platform-browser/test
History
Peter Bacon Darwin a751649c8d fix(core): use appropriate inert document strategy for Firefox & Safari (#17019) 
Both Firefox and Safari are vulnerable to XSS if we use an inert document
created via `document.implementation.createHTMLDocument()`.

Now we check for those vulnerabilities and then use a DOMParser or XHR
strategy if needed.

Further the platform-server has its own library for parsing HTML, so we
sniff for that (by checking whether DOMParser exists) and fall back to
the standard strategy.

Thanks to @cure53 for the heads up on this issue.

PR Close #17019
2018-02-08 08:55:15 -08:00
..
animation build(platform-browser): exclude node incompatible tests from :test target. (#21053) 2017-12-22 13:10:51 -08:00
browser build(platform-browser): exclude node incompatible tests from :test target. (#21053) 2017-12-22 13:10:51 -08:00
dom build(platform-browser): exclude node incompatible tests from :test target. (#21053) 2017-12-22 13:10:51 -08:00
security fix(core): use appropriate inert document strategy for Firefox & Safari (#17019) 2018-02-08 08:55:15 -08:00
static_assets refactor: move angular source to /packages rather than modules/@angular 2017-03-08 16:29:27 -08:00
browser_util_spec.ts build: remove main() from specs (#21053) 2017-12-22 13:10:51 -08:00
BUILD.bazel build: Remove angular_src nested workspace (#21096) 2018-01-19 10:17:37 -08:00
testing_public_spec.ts build: remove main() from specs (#21053) 2017-12-22 13:10:51 -08:00