fix(sanitize): match URI schemes case-insensitively

According to RFC 3986 (http://tools.ietf.org/html/rfc3986#section-3.1)
schemes such as http or mailto are case-insensitive. So links such as
http://server/ and HTTP://server/ are valid and equivalent.

Closes #3210

2 files changed, 6 insertions, 1 deletions

diff --git a/src/ngSanitize/sanitize.js b/src/ngSanitize/sanitize.js
index 0fef4cfe..a12797d2 100644
--- a/src/ngSanitize/sanitize.js
+++ b/src/ngSanitize/sanitize.js
@@ -142,7 +142,7 @@ var START_TAG_REGEXP = /^<\s*([\w:-]+)((?:\s+[\w:-]+(?:\s*=\s*(?:(?:"[^"]*")|(?:
   BEGING_END_TAGE_REGEXP = /^<\s*\//,
   COMMENT_REGEXP = /<!--(.*?)-->/g,
   CDATA_REGEXP = /<!\[CDATA\[(.*?)]]>/g,
-  URI_REGEXP = /^((ftp|https?):\/\/|mailto:|tel:|#)/,
+  URI_REGEXP = /^((ftp|https?):\/\/|mailto:|tel:|#)/i,
   NON_ALPHANUMERIC_REGEXP = /([^\#-~| |!])/g; // Match everything outside of normal chars and " (quote character)
 
 
diff --git a/test/ngSanitize/sanitizeSpec.js b/test/ngSanitize/sanitizeSpec.js
index 150072d9..f97e86a6 100644
--- a/test/ngSanitize/sanitizeSpec.js
+++ b/test/ngSanitize/sanitizeSpec.js
@@ -227,10 +227,15 @@ describe('HTML', function() {
 
       it('should be URI', function() {
         expect(isUri('http://abc')).toBeTruthy();
+        expect(isUri('HTTP://abc')).toBeTruthy();
         expect(isUri('https://abc')).toBeTruthy();
+        expect(isUri('HTTPS://abc')).toBeTruthy();
         expect(isUri('ftp://abc')).toBeTruthy();
+        expect(isUri('FTP://abc')).toBeTruthy();
         expect(isUri('mailto:me@example.com')).toBeTruthy();
+        expect(isUri('MAILTO:me@example.com')).toBeTruthy();
         expect(isUri('tel:123-123-1234')).toBeTruthy();
+        expect(isUri('TEL:123-123-1234')).toBeTruthy();
         expect(isUri('#anchor')).toBeTruthy();
       });