diff options
| author | Anders Hessellund Jensen | 2013-05-06 22:18:42 +0200 |
|---|---|---|
| committer | Pete Bacon Darwin | 2013-07-04 00:13:04 +0100 |
| commit | 3b2c6f09cb857b86641cefde5b92d84d58c1118d (patch) | |
| tree | ec64603b5b520a3385e0ce1fed14957e44f5bfe8 /src/ng/compile.js | |
| parent | 63414b965397a9fd7d2f49e8dea4b848e0d6707e (diff) | |
| download | angular.js-3b2c6f09cb857b86641cefde5b92d84d58c1118d.tar.bz2 | |
fix($compile): empty normalized href should pass sanitation check
Sometimes IE returns an empty string for its normalized href on a tags.
This should pass the sanitation check in $compile.
Closes #2219, #2593
Diffstat (limited to 'src/ng/compile.js')
| -rw-r--r-- | src/ng/compile.js | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/ng/compile.js b/src/ng/compile.js index a609d615..cfdaddf9 100644 --- a/src/ng/compile.js +++ b/src/ng/compile.js @@ -293,7 +293,7 @@ function $CompileProvider($provide) { // href property always returns normalized absolute url, so we can match against that normalizedVal = urlSanitizationNode.href; - if (!normalizedVal.match(urlSanitizationWhitelist)) { + if (normalizedVal !== '' && !normalizedVal.match(urlSanitizationWhitelist)) { this[key] = value = 'unsafe:' + normalizedVal; } } |