angular

mirror of https://github.com/angular/angular synced 2026-05-24 09:28:37 +00:00

History

Alan Agius 40790ef980 fix(http): prevent XSRF token leakage to protocol-relative URLs The XSRF interceptor previously failed to detect protocol-relative URLs (starting with `//`) as absolute URLs. This allowed requests to such URLs to include the XSRF token, potentially leaking it to external domains. This change updates the interceptor to correctly identify protocol-relative URLs as absolute and exclude them from receiving the XSRF token.		2025-11-25 13:47:26 -05:00
..
http	fix(http): prevent XSRF token leakage to protocol-relative URLs	2025-11-25 13:47:26 -05:00
locales	build: format md files	2025-11-06 10:03:05 -08:00
src	refactor(common): removes unused NgModuleFactory config in NgComponentOutlet	2025-11-17 08:46:08 -08:00
test	fix(common): remove placeholder image listeners once view is removed	2025-11-10 12:05:20 -08:00
testing	build: format md files	2025-11-06 10:03:05 -08:00
upgrade	build: format md files	2025-11-06 10:03:05 -08:00
BUILD.bazel	build: rename defaults2.bzl to defaults.bzl (#63383 )	2025-08-25 15:45:01 -07:00
index.ts	refactor: update license text to point to angular.dev (#57901 )	2024-09-24 15:33:00 +02:00
package.json	build: update common's locales to use rules_js (#61629 )	2025-05-26 10:18:14 +00:00
PACKAGE.md	build: format md files	2025-11-06 10:03:05 -08:00
public_api.ts	refactor: update license text to point to angular.dev (#57901 )	2024-09-24 15:33:00 +02:00