Diffstat (limited to 'docs')
| -rw-r--r-- | docs/content/error/sce/icontext.ngdoc | 6 | ||||
| -rw-r--r-- | docs/content/error/sce/iequirks.ngdoc | 16 | ||||
| -rw-r--r-- | docs/content/error/sce/isecrurl.ngdoc | 30 | ||||
| -rw-r--r-- | docs/content/error/sce/itype.ngdoc | 6 | ||||
| -rw-r--r-- | docs/content/error/sce/unsafe.ngdoc | 15 | ||||
| -rw-r--r-- | docs/content/guide/directive.ngdoc | 7 | ||||
| -rw-r--r-- | docs/src/example.js | 3 | ||||
| -rw-r--r-- | docs/src/templates/js/docs.js | 3 | 
8 files changed, 82 insertions, 4 deletions
| diff --git a/docs/content/error/sce/icontext.ngdoc b/docs/content/error/sce/icontext.ngdoc
new file mode 100644
index 00000000..af629040
--- /dev/null
+++ b/docs/content/error/sce/icontext.ngdoc
@@ -0,0 +1,6 @@
+@ngdoc error
+@name $sce:icontext
+@fullName Invalid / Unknown SCE context
+@description
+The context enum passed to {@link api/ng.$sce#trustAs $sce.trustAs} was not recognized.  Refer the
+list of {@link api/ng.$sce#contexts supported Strict Contextual Escaping (SCE) contexts}.
diff --git a/docs/content/error/sce/iequirks.ngdoc b/docs/content/error/sce/iequirks.ngdoc
new file mode 100644
index 00000000..be873344
--- /dev/null
+++ b/docs/content/error/sce/iequirks.ngdoc
@@ -0,0 +1,16 @@
+@ngdoc error
+@name $sce:iequirks
+@fullName IE8 in quirks mode is unsupported.
+@description
+You are using AngularJS with {@link api/ng.$sce#strictcontextualescaping Strict Contextual Escaping
+(SCE)} mode enabled (the default) on IE8 or lower in quirks mode.  In this mode, IE8 allows one to
+execute arbitrary javascript by the use of the `expression()` syntax and is not supported.  Refer
+{@link http://blogs.msdn.com/b/ie/archive/2008/10/16/ending-expressions.aspx MSDN Blogs > IEBlog >
+Ending Expressions} to learn more about them.
+
+### Recommended solution
+Add the doctype
+
+    <!doctype html>
+    
+to the top of your HTML document.  This switches the document from quirks mode to standards mode.
diff --git a/docs/content/error/sce/isecrurl.ngdoc b/docs/content/error/sce/isecrurl.ngdoc
new file mode 100644
index 00000000..c5a5445d
--- /dev/null
+++ b/docs/content/error/sce/isecrurl.ngdoc
@@ -0,0 +1,30 @@
+@ngdoc error
+@name $sce:isecrurl
+@fullName Blocked loading an untrusted resource
+@description
+
+AngularJS' {@link api/ng.$sce#strictcontextualescaping Strict Contextual Escaping
+(SCE)} mode (enabled by default) has blocked loading a resource from an insecure URL.
+
+Typically, this would occur if you're attempting to load an Angular template from a different
+domain.  It's also possible that a custom directive threw this error for a similar reason.
+
+Angular only loads templates from trusted URLs (by calling {@link api/ng.$sce#getTrustedResourceUrl
+$sce.getTrustedResourceUrl} on the template URL.).
+
+By default, only URLs to the same domain with the same protocol as the application document are
+considered to be trusted.
+
+The {@link api/ng.directive:ngInclude ng-include} directive and {@link guide/directive directives}
+that specify a `templateUrl` require a trusted resource URL.
+
+To load templates from other domains and/or protocols, either adjust the {@link
+api/ng.$sceDelegateProvider#resourceUrlWhitelist whitelist}/ {@link
+api/ng.$sceDelegateProvider#resourceUrlBlacklist blacklist} or wrap the URL with a call to {@link
+api/ng.$sce#trustAsResourceUrl $sce.trustAsResourceUrl}.
+
+**Note**: The browser's {@link
+https://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_XMLHttpRequest Same Origin
+Policy} and {@link http://www.w3.org/TR/cors/ Cross-Origin Resource Sharing (CORS)} policy apply
+that may further restrict whether the template is successfully loaded.  (e.g.  neither cross-domain
+requests won't work on all browsers nor `file://` requests on some browsers)
diff --git a/docs/content/error/sce/itype.ngdoc b/docs/content/error/sce/itype.ngdoc
new file mode 100644
index 00000000..90555156
--- /dev/null
+++ b/docs/content/error/sce/itype.ngdoc
@@ -0,0 +1,6 @@
+@ngdoc error
+@name $sce:itype
+@fullName String value required for SCE trust call.
+@description
+{@link api/ng.$sce#trustAs $sce.trustAs} requires a string value.  Read more about {@link
+api/ng.$sce#strictcontextualescaping Strict Contextual Escaping (SCE)} in AngularJS.
diff --git a/docs/content/error/sce/unsafe.ngdoc b/docs/content/error/sce/unsafe.ngdoc
new file mode 100644
index 00000000..908033d2
--- /dev/null
+++ b/docs/content/error/sce/unsafe.ngdoc
@@ -0,0 +1,15 @@
+@ngdoc error
+@name $sce:unsafe
+@fullName Require a safe/trusted value
+@description
+
+The value provided for use in a specific context was not found to be safe/trusted for use.
+
+Angular's {@link api/ng.$sce#strictcontextualescaping Strict Contextual Escaping (SCE)} mode
+(enabled by default), requires bindings in certain
+contexts to result in a value that is trusted as safe for use in such a context.  (e.g. loading an
+Angular template from a URL requires that the URL is one considered safe for loading resources.)
+
+This helps prevent XSS and other security issues.  Read more at {@link
+api/ng.$sce#strictcontextualescaping Strict Contextual Escaping (SCE)}
+
diff --git a/docs/content/guide/directive.ngdoc b/docs/content/guide/directive.ngdoc
index 73c7ead7..5e682d58 100644
--- a/docs/content/guide/directive.ngdoc
+++ b/docs/content/guide/directive.ngdoc
@@ -415,8 +415,8 @@ compiler}. The attributes are:      {@link guide/directive#Components Creating Components} section below for more information.      You can specify `template` as a string representing the template or as a function which takes -    two arguments `tElement` and `tAttrs` (described in the `compile` function api below) and returns -    a string value representing the template. +    two arguments `tElement` and `tAttrs` (described in the `compile` function api below) and +    returns a string value representing the template.    * `templateUrl` - Same as `template` but the template is loaded from the specified URL. Because      the template loading is asynchronous the compilation/linking is suspended until the template @@ -424,7 +424,8 @@ compiler}. The attributes are:      You can specify `templateUrl` as a string representing the URL or as a function which takes two      arguments `tElement` and `tAttrs` (described in the `compile` function api below) and returns -    a string value representing the url. +    a string value representing the url.  In either case, the template URL is passed through {@link +    api/ng.$sce#getTrustedResourceUrl $sce.getTrustedResourceUrl}.    * `replace` - if set to `true` then the template will replace the current element, rather than      append the template to the element. diff --git a/docs/src/example.js b/docs/src/example.js index eadc218f..cdbc24a7 100644 --- a/docs/src/example.js +++ b/docs/src/example.js @@ -20,6 +20,7 @@ exports.Example = function(scenarios) {    this.html = [];    this.css = [];    this.js = []; +  this.json = [];    this.unit = [];    this.scenario = [];    this.scenarios = scenarios; 
@@ -88,6 +89,7 @@ exports.Example.prototype.toHtmlEdit = function() {    out.push(' source-edit-html="' + ids(this.html) + '"');    out.push(' source-edit-css="' + ids(this.css) + '"');    out.push(' source-edit-js="' + ids(this.js) + '"'); +  out.push(' source-edit-json="' + ids(this.json) + '"');    out.push(' source-edit-unit="' + ids(this.unit) + '"');    out.push(' source-edit-scenario="' + ids(this.scenario) + '"');    out.push('></div>\n'); @@ -102,6 +104,7 @@ exports.Example.prototype.toHtmlTabs = function() {    htmlTabs(this.html);    htmlTabs(this.css);    htmlTabs(this.js); +  htmlTabs(this.json);    htmlTabs(this.unit);    htmlTabs(this.scenario);    out.push('</div>'); diff --git a/docs/src/templates/js/docs.js b/docs/src/templates/js/docs.js index a14237fa..7cac6a9a 100644 --- a/docs/src/templates/js/docs.js +++ b/docs/src/templates/js/docs.js @@ -216,6 +216,7 @@ docsApp.directive.sourceEdit = function(getEmbeddedTemplate) {          html: read($attrs.sourceEditHtml),          css: read($attrs.sourceEditCss),          js: read($attrs.sourceEditJs), +        json: read($attrs.sourceEditJson),          unit: read($attrs.sourceEditUnit),          scenario: read($attrs.sourceEditScenario)        }; @@ -358,7 +359,7 @@ docsApp.serviceFactory.formPostData = function($document) {  docsApp.serviceFactory.openPlunkr = function(templateMerge, formPostData, angularUrls) {    return function(content) { -    var allFiles = [].concat(content.js, content.css, content.html); +    var allFiles = [].concat(content.js, content.css, content.html, content.json);      var indexHtmlContent = '<!doctype html>\n' +          '<html ng-app="{{module}}">\n' +          '  <head>\n' + | 
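Review bot: `[].concat(content.js, content.css, content.html, content.json)` in openPlunkr now assumes every caller supplies `content.json`; `concat` appends a non-array argument as a single element, so a content object built without that key would put an `undefined` entry into `allFiles`. The sourceEdit hunk does set `json: read($attrs.sourceEditJson)`, but `read` and any other producers of `content` are outside the visible hunks, so this is worth confirming. A defensive form is `[].concat(content.js, content.css, content.html, content.json || [])`. openPlunkr's body continues past the end of the hunk.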
