angular.js/src, branch v1.0.0rc7 docs(ngCsp): make the CSP docs publicly visible 2012-04-30T22:37:12+00:00 Igor Minar 2012-04-30T22:37:12+00:00 96758c1c5277ca9041e82c4c1d2e2c473cd477b0 






docs(ngSanitize): fix directive links
2012-04-30T08:09:55+00:00

Igor Minar

2012-04-30T08:09:55+00:00

006fb4fbeb768e4b50659838f7587bae9847371d












feat($parse): CSP compatibility
2012-04-28T06:04:24+00:00

Igor Minar

2012-04-27T22:20:54+00:00

2b87c814ab70eaaff6359ce1a118f348c8bd2197

CSP (content security policy) forbids apps to use eval or
Function(string) generated functions (among other things). For us to be
compatible, we just need to implement the "getterFn" in $parse without
violating any of these restrictions.

We currently use Function(string) generated functions as a speed
optimization. With this change, it will be possible to opt into the CSP
compatible mode using the ngCsp directive. When this mode is on Angular
will evaluate all expressions up to 30% slower than in non-CSP mode, but
no security violations will be raised.

In order to use this feature put ngCsp directive on the root element of
the application. For example:

<!doctype html>
<html ng-app ng-csp>
  ...
  ...
</html>

Closes #893





CSP (content security policy) forbids apps to use eval or
Function(string) generated functions (among other things). For us to be
compatible, we just need to implement the "getterFn" in $parse without
violating any of these restrictions.

We currently use Function(string) generated functions as a speed
optimization. With this change, it will be possible to opt into the CSP
compatible mode using the ngCsp directive. When this mode is on Angular
will evaluate all expressions up to 30% slower than in non-CSP mode, but
no security violations will be raised.

In order to use this feature put ngCsp directive on the root element of
the application. For example:

<!doctype html>
<html ng-app ng-csp>
  ...
  ...
</html>

Closes #893







fix(events): include ie8 in extra event property reset
2012-04-21T00:04:21+00:00

Misko Hevery

2012-04-20T21:47:50+00:00

a18926f986166048a21097636f03ab29f107b154












fix(bootstrap): rewritten to $script
2012-04-21T00:04:21+00:00

Misko Hevery

2012-04-20T20:28:58+00:00

b806b308614668c2590996a72b26b3529e909ebd












fix(mouseenter): FF no longer throws exceptions
2012-04-21T00:04:21+00:00

Misko Hevery

2012-04-20T18:27:35+00:00

43d15f830f9d419c41c41f0682e47e86839e3917












fix(select): properly handle empty & unknown options without ngOptions
2012-04-20T21:29:37+00:00

Igor Minar

2012-04-18T07:48:25+00:00

904b69c745ea4afc1d6ecd2a5f3138c6f947b157

Previously only when ngOptions was used, we correctly handled situations
when model was set to an unknown value. With this change, we'll add/remove
extra unknown option or reuse an existing empty option (option with value
set to "") when model is undefined.





Previously only when ngOptions was used, we correctly handled situations
when model was set to an unknown value. With this change, we'll add/remove
extra unknown option or reuse an existing empty option (option with value
set to "") when model is undefined.







feat($resource): support HTTP PATCH method
2012-04-20T19:32:33+00:00

simpulton

2012-04-20T08:31:25+00:00

e61fd1b43a55496c11c63da7ca2fc05b88d44043

Properly serialize data into request body instead of url.

Closes #887





Properly serialize data into request body instead of url.

Closes #887







chore(license): update to google
2012-04-20T18:29:34+00:00

Misko Hevery

2012-04-17T22:17:04+00:00

ce15a3e0491f7acafcdf0ff07f75d0c2c9819164












fix(compiler): reading comment throws error in ie
2012-04-20T18:29:34+00:00

Misko Hevery

2012-04-17T20:58:25+00:00

46bb08a9d0780fafef6dc5c1140c71912462887a

Unders some circumstances reading the comment's text throws error.





Unders some circumstances reading the comment's text throws error.