mirror of
https://github.com/angular/angular
synced 2026-05-24 09:28:37 +00:00
f245c6bb15
Fix a bug in the HTML sanitizer where an unclosed iframe tag would result in an escaped closing body tag as the output: _sanitizeHtml(document, '<iframe>') => '</body>' This closing body tag comes from the DOMParserHelper where the HTML to be sanitized is wrapped with surrounding body tags. When an opening iframe tag is parsed by DOMParser, which DOMParserHelper uses, everything up until its matching closing tag is consumed as a text node. In the above example this includes the appended closing body tag. By removing the explicit closing body tag from the DOMParserHelper and relying on the body tag being closed implicitly at the end, the above example is sanitized as expected: _sanitizeHtml(document, '<iframe>') => '' PR Close #38454 |
||
|---|---|---|
| .. | ||
| html_sanitizer_spec.ts | ||
| sanitization_spec.ts | ||
| url_sanitizer_spec.ts | ||