angular/packages/core/test
Alan Agius 7c42e2ebeb fix(compiler): prevent XSS via SVG animation attributeName and MathML/SVG URLs
This commit implements a security fix to prevent XSS vulnerabilities where SVG animation elements (`<animate>`, `<set>`, etc.) could be used to modify the `href` or `xlink:href` attributes of other elements to `javascript:` URLs.

The fix introduces a runtime validation step:
- A new `ɵɵValidateAttribute` instruction is used when `attributeName` is bound on SVG animation elements.
- If executed, a `RuntimeError` is thrown, preventing the binding.
- The compiler now identifies `attributeName` on SVG animation elements as security-sensitive and injects this validation.

Additionally, the DOM security schema has been updated to include a comprehensive list of MathML and SVG elements that accept `href` or `xlink:href` attributes, ensuring they are correctly treated as `SecurityContext.URL` and sanitized. This prevents malicious URLs from being bound to these attributes.

http://b/463880509
2025-12-01 10:28:38 +01:00
..
acceptance fix(compiler): prevent XSS via SVG animation attributeName and MathML/SVG URLs 2025-12-01 10:28:38 +01:00
animation build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
authoring build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
bundling fix(core): introduce BootstrapContext for improved server bootstrapping (#63639) 2025-09-09 10:56:38 -07:00
change_detection refactor(core): convert scripts within packages/core/test to relative imports (#60227) (#60556) 2025-03-26 07:05:23 -07:00
compiler build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
debug build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
di refactor(core): convert scripts within packages/core/test to relative imports (#60227) (#60556) 2025-03-26 07:05:23 -07:00
dom build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
hydration fix(core): catch hydration marker with implicit body tag (#60429) 2025-03-19 15:51:37 +01:00
i18n refactor: update license text to point to angular.dev (#57901) 2024-09-24 15:33:00 +02:00
linker build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
metadata refactor(core): convert scripts within packages/core/test to relative imports (#60227) (#60556) 2025-03-26 07:05:23 -07:00
playground/zone-signal-input build: migrate all ng_module in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
reflection refactor: update license text to point to angular.dev (#57901) 2024-09-24 15:33:00 +02:00
render3 build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
resource build: migrate platform-server to rules_js (#61619) 2025-05-22 15:34:07 -07:00
sanitization build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
signals build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
strict_types build: migrate all ng_module in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
testability refactor(core): convert scripts within packages/core/test to relative imports (#60227) (#60556) 2025-03-26 07:05:23 -07:00
util refactor(core): convert scripts within packages/core/test to relative imports (#60227) (#60556) 2025-03-26 07:05:23 -07:00
zone build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
application_config_spec.ts refactor(core): convert scripts within packages/core/test to relative imports (#60227) (#60556) 2025-03-26 07:05:23 -07:00
application_init_spec.ts refactor(core): convert scripts within packages/core/test to relative imports (#60227) (#60556) 2025-03-26 07:05:23 -07:00
application_module_spec.ts refactor(core): convert scripts within packages/core/test to relative imports (#60227) (#60556) 2025-03-26 07:05:23 -07:00
application_ref_integration_spec.ts refactor(core): convert scripts within packages/core/test to relative imports (#60227) (#60556) 2025-03-26 07:05:23 -07:00
application_ref_spec.ts build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
BUILD.bazel build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
change_detection_scheduler_spec.ts build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
component_fixture_spec.ts build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
defer_fixture_spec.ts build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
dev_mode_spec.ts refactor(core): convert scripts within packages/core/test to relative imports (#60227) (#60556) 2025-03-26 07:05:23 -07:00
directive_lifecycle_integration_spec.ts refactor(core): convert scripts within packages/core/test to relative imports (#60227) (#60556) 2025-03-26 07:05:23 -07:00
error_handler_spec.ts refactor(core): removing error related dead code. (#58272) 2024-10-22 09:42:47 -07:00
event_emitter_spec.ts fix(core): async EventEmitter error should not prevent stability (#61028) 2025-04-29 22:14:16 -07:00
fake_async_spec.ts refactor(core): convert scripts within packages/core/test to relative imports (#60227) (#60556) 2025-03-26 07:05:23 -07:00
forward_ref_integration_spec.ts build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
runtime_error_spec.ts refactor: update license text to point to angular.dev (#57901) 2024-09-24 15:33:00 +02:00
test_bed_effect_spec.ts refactor(core): convert scripts within packages/core/test to relative imports (#60227) (#60556) 2025-03-26 07:05:23 -07:00
test_bed_spec.ts build: migrate all ts_library in packages/core/test (#61571) 2025-05-21 16:04:42 +00:00
transfer_state_spec.ts refactor(core): convert scripts within packages/core/test to relative imports (#60227) (#60556) 2025-03-26 07:05:23 -07:00
util_spec.ts refactor: update license text to point to angular.dev (#57901) 2024-09-24 15:33:00 +02:00