diff options
| author | Misko Hevery | 2010-12-03 15:42:11 -0800 |
|---|---|---|
| committer | Misko Hevery | 2010-12-03 15:42:42 -0800 |
| commit | 2bbced212e2ee93948c45360fee00b2e3f960392 (patch) | |
| tree | a42ea9b49c42c37b9f8e42fa0fc4bf1fb906f948 | |
| parent | 5a8ad8fe329fc09898ff43a060710265d38393be (diff) | |
| download | angular.js-2bbced212e2ee93948c45360fee00b2e3f960392.tar.bz2 | |
Fix sanitization issues as suggested by evn
| -rw-r--r-- | regression/issue-169.html | 10 | ||||
| -rw-r--r-- | regression/sanitizer.html | 8 | ||||
| -rw-r--r-- | src/sanitizer.js | 28 | ||||
| -rw-r--r-- | test/sanitizerSpec.js | 65 |
4 files changed, 86 insertions, 25 deletions
var seqCount = 0; var usedIds = {}; var makeUnique = { 'index.html': true, 'style.css': true, 'script.js': true, 'unit.js': true, 'spec.js': true, 'scenario.js': true } function ids(list) { return list.map(function(item) { return item.id; }).join(' '); }; exports.Example = function(scenarios) { this.module = ''; this.deps = ['angular.js']; this.html = []; this.css = []; this.js = []; this.unit = []; this.scenario = []; this.scenarios = scenarios; } exports.Example.prototype.setModule = function(module) { if (module) { this.module = module; } }; exports.Example.prototype.addDeps = function(deps) { deps && deps.split(/[\s\,]/).forEach(function(dep) { if (dep) { this.deps.push(dep); } }, this); }; exports.Example.prototype.addSource = function(name, content) { var ext = name == 'scenario.js' ? 'scenario' : name.split('.')[1], id = name; if (makeUnique[name] && usedIds[id]) { id = name + '-' + (seqCount++); } usedIds[id] = true; this[ext].push({name: name, content: content, id: id}); if (name.match(/\.js$/) && name !== 'spec.js' && name !== 'unit.js' && name != 'scenario.js') { this.deps.push(name); } if (ext == 'scenario') { this.scenarios.push(content); } }; exports.Example.prototype.toHtml = function() { return '<h2>Source</h2>\n' + this.toHtmlEdit() + this.toHtmlTabs() + '<h2>Demo</h2>\n' + this.toHtmlEmbed(); }; exports.Example.prototype.toHtmlEdit = function() { var out = []; out.push('<div source-edit="' + this.module + '"'); out.push(' source-edit-deps="' + this.deps.join(' ') + '"'); out.push(' source-edit-html="' + ids(this.html) + '"'); out.push(' source-edit-css="' + ids(this.css) + '"'); out.push(' source-edit-js="' + ids(this.js) + '"'); out.push(' source-edit-unit="' + ids(this.unit) + '"'); out.push(' source-edit-scenario="' + ids(this.scenario) + '"'); out.push('></div>\n'); return out.join(''); }; exports.Example.prototype.toHtmlTabs = function() { var out = [], self = this; out.push('<div class="tabbable">'); htmlTabs(this.html); htmlTabs(this.css); htmlTabs(this.js); htmlTabs(this.unit); htmlTabs(this.scenario); out.push('</div>'); return out.join(''); function htmlTabs(