fix(sanitize): match URI schemes case-insensitively

According to RFC 3986 (http://tools.ietf.org/html/rfc3986#section-3.1)
schemes such as http or mailto are case-insensitive. So links such as
http://server/ and HTTP://server/ are valid and equivalent.

Closes #3210

2 files changed, 5 insertions, 1 deletions

diff --git a/src/ngSanitize/sanitize.js b/src/ngSanitize/sanitize.js
index 94aeef22..bd694818 100644
--- a/src/ngSanitize/sanitize.js
+++ b/src/ngSanitize/sanitize.js
@@ -142,7 +142,7 @@ var START_TAG_REGEXP = /^<\s*([\w:-]+)((?:\s+[\w:-]+(?:\s*=\s*(?:(?:"[^"]*")|(?:
   BEGING_END_TAGE_REGEXP = /^<\s*\//,
   COMMENT_REGEXP = /<!--(.*?)-->/g,
   CDATA_REGEXP = /<!\[CDATA\[(.*?)]]>/g,
-  URI_REGEXP = /^((ftp|https?):\/\/|mailto:|#)/,
+  URI_REGEXP = /^((ftp|https?):\/\/|mailto:|#)/i,
   NON_ALPHANUMERIC_REGEXP = /([^\#-~| |!])/g; // Match everything outside of normal chars and " (quote character)
 
 
diff --git a/test/ngSanitize/sanitizeSpec.js b/test/ngSanitize/sanitizeSpec.js
index b4fd8a2a..2a53b532 100644
--- a/test/ngSanitize/sanitizeSpec.js
+++ b/test/ngSanitize/sanitizeSpec.js
@@ -227,9 +227,13 @@ describe('HTML', function() {
 
       it('should be URI', function() {
         expect(isUri('http://abc')).toBeTruthy();
+        expect(isUri('HTTP://abc')).toBeTruthy();
         expect(isUri('https://abc')).toBeTruthy();
+        expect(isUri('HTTPS://abc')).toBeTruthy();
         expect(isUri('ftp://abc')).toBeTruthy();
+        expect(isUri('FTP://abc')).toBeTruthy();
         expect(isUri('mailto:me@example.com')).toBeTruthy();
+        expect(isUri('MAILTO:me@example.com')).toBeTruthy();
         expect(isUri('#anchor')).toBeTruthy();
       });