angular.js/src/ng/directive, branch v1.0.0rc7 docs(ngCsp): make the CSP docs publicly visible 2012-04-30T22:37:12+00:00 Igor Minar 2012-04-30T22:37:12+00:00 96758c1c5277ca9041e82c4c1d2e2c473cd477b0 






docs(ngSanitize): fix directive links
2012-04-30T08:09:55+00:00

Igor Minar

2012-04-30T08:09:55+00:00

006fb4fbeb768e4b50659838f7587bae9847371d












feat($parse): CSP compatibility
2012-04-28T06:04:24+00:00

Igor Minar

2012-04-27T22:20:54+00:00

2b87c814ab70eaaff6359ce1a118f348c8bd2197

CSP (content security policy) forbids apps to use eval or
Function(string) generated functions (among other things). For us to be
compatible, we just need to implement the "getterFn" in $parse without
violating any of these restrictions.

We currently use Function(string) generated functions as a speed
optimization. With this change, it will be possible to opt into the CSP
compatible mode using the ngCsp directive. When this mode is on Angular
will evaluate all expressions up to 30% slower than in non-CSP mode, but
no security violations will be raised.

In order to use this feature put ngCsp directive on the root element of
the application. For example:

<!doctype html>
<html ng-app ng-csp>
  ...
  ...
</html>

Closes #893





CSP (content security policy) forbids apps to use eval or
Function(string) generated functions (among other things). For us to be
compatible, we just need to implement the "getterFn" in $parse without
violating any of these restrictions.

We currently use Function(string) generated functions as a speed
optimization. With this change, it will be possible to opt into the CSP
compatible mode using the ngCsp directive. When this mode is on Angular
will evaluate all expressions up to 30% slower than in non-CSP mode, but
no security violations will be raised.

In order to use this feature put ngCsp directive on the root element of
the application. For example:

<!doctype html>
<html ng-app ng-csp>
  ...
  ...
</html>

Closes #893







fix(select): properly handle empty & unknown options without ngOptions
2012-04-20T21:29:37+00:00

Igor Minar

2012-04-18T07:48:25+00:00

904b69c745ea4afc1d6ecd2a5f3138c6f947b157

Previously only when ngOptions was used, we correctly handled situations
when model was set to an unknown value. With this change, we'll add/remove
extra unknown option or reuse an existing empty option (option with value
set to "") when model is undefined.





Previously only when ngOptions was used, we correctly handled situations
when model was set to an unknown value. With this change, we'll add/remove
extra unknown option or reuse an existing empty option (option with value
set to "") when model is undefined.







fix(script): Incorrectly reading script text on ie
2012-04-20T18:29:34+00:00

Misko Hevery

2012-04-17T20:55:10+00:00

94dd68570952f6f31abfa351b1159afcd3588a57

IE deals with script tags in special way and .text() does not work. Reading the .text property directly fixes the issue.





IE deals with script tags in special way and .text() does not work. Reading the .text property directly fixes the issue.







docs(ngBind): "angular.module.ng.$sanitize" -> "angular.module.ngSanitize.$sanitize"
2012-04-20T17:44:18+00:00

johnlindquist

2012-04-18T00:41:44+00:00

5cc245dd80f973bf812e430fc31700a27699c9ad












docs(ngBind): "makes make" -> "makes"
2012-04-20T17:43:41+00:00

johnlindquist

2012-04-12T22:23:34+00:00

0c7252f929c7b7d0c718c4683a712331c6b95776












fix($location): properly rewrite urls in html5 mode with base url set
2012-04-12T09:36:03+00:00

Igor Minar

2012-04-12T06:46:23+00:00

6d7e7fdea6c3d6551ff40c150aa42e1375d2cb5f

previously we were doing all kinds of checks to see if we should rewrite the url or not and we
were missing many scenarios. not any more.

with this change, we rewrite the url unless:
- the href is not set
- link has target attribute
- the absolute url of the link doesn't match the absolute prefix for all urls in our app

This also means that ng-ext-link attribute which we previously used to distinguish external
links from app links is not necessary any more. apps can just set target=_self to prevent
rewriting.

BREAKING CHANGE: ng-ext-link directive was removed because it's unnecessary

apps that relied on ng-ext-link should simply replace it with target=_self





previously we were doing all kinds of checks to see if we should rewrite the url or not and we
were missing many scenarios. not any more.

with this change, we rewrite the url unless:
- the href is not set
- link has target attribute
- the absolute url of the link doesn't match the absolute prefix for all urls in our app

This also means that ng-ext-link attribute which we previously used to distinguish external
links from app links is not necessary any more. apps can just set target=_self to prevent
rewriting.

BREAKING CHANGE: ng-ext-link directive was removed because it's unnecessary

apps that relied on ng-ext-link should simply replace it with target=_self







test(ngView): fix failing e2e tests
2012-04-12T04:27:55+00:00

Igor Minar

2012-04-12T04:12:48+00:00

0c49bbdc38d228c7612bbda0420e4f17ba501528












fix(input.radio): support 2-way binding in a repeater
2012-04-11T22:50:52+00:00

Vojta Jina

2012-04-10T20:41:51+00:00

93d62860e988a09fb64e594f50f6cd55a1fc5748

Closes #869





Closes #869