fix($compile): sanitize values bound to a[href]

author: Igor Minar 2013-02-19 09:55:05 -0800
committer: Igor Minar 2013-02-20 00:06:26 -0800
commit: 9532234bf1c408af9a6fd2c4743fdb585b920531 (patch)
tree: e4b6a910b3097007e38bde6f4511e74e621b0a2b /src/ng/directive/booleanAttrs.js
parent: 5f5d4feadbfa9d8ecc8150041dfd2bca2b2e9fea (diff)
download: angular.js-9532234bf1c408af9a6fd2c4743fdb585b920531.tar.bz2
1 files changed, 3 insertions, 2 deletions
diff --git a/src/ng/directive/booleanAttrs.js b/src/ng/directive/booleanAttrs.js
index 739c539a..7e0e3a42 100644
--- a/src/ng/directive/booleanAttrs.js
+++ b/src/ng/directive/booleanAttrs.js
@@ -340,8 +340,9 @@ forEach(['src', 'href'], function(attrName) {
 
           // on IE, if "ng:src" directive declaration is used and "src" attribute doesn't exist
           // then calling element.setAttribute('src', 'foo') doesn't do anything, so we need
-          // to set the property as well to achieve the desired effect
-          if (msie) element.prop(attrName, value);
+          // to set the property as well to achieve the desired effect.
+          // we use attr[attrName] value since $set can sanitize the url.
+          if (msie) element.prop(attrName, attr[attrName]);
         });
       }
     };
author	Igor Minar	2013-02-19 09:55:05 -0800
committer	Igor Minar	2013-02-20 00:06:26 -0800
commit	9532234bf1c408af9a6fd2c4743fdb585b920531 (patch)
tree	e4b6a910b3097007e38bde6f4511e74e621b0a2b /src/ng/directive/booleanAttrs.js
parent	5f5d4feadbfa9d8ecc8150041dfd2bca2b2e9fea (diff)
download	angular.js-9532234bf1c408af9a6fd2c4743fdb585b920531.tar.bz2