From 333523483f3ce6dd3177b697a5e5a7177ca364c8 Mon Sep 17 00:00:00 2001
From: Tobias Bosch
Date: Mon, 25 Nov 2013 15:40:18 -0800
Subject: fix($sanitize): Use same whitelist mechanism as $compile does.

`$sanitize` now uses the same mechanism as `$compile` to validate uris.
By this, the validation in `$sanitize` is more general and can be
configured in the same way as the one in `$compile`.

Changes
- Creates the new private service `$$sanitizeUri`.
- Moves related specs from `compileSpec.js` into `sanitizeUriSpec.js`.
- Refactors the `linky` filter to be less dependent on `$sanitize`
  internal functions.

Fixes #3748.
---
 src/AngularPublic.js | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src/AngularPublic.js')

diff --git a/src/AngularPublic.js b/src/AngularPublic.js
index eb97b4c5..d2c325c5 100644
--- a/src/AngularPublic.js
+++ b/src/AngularPublic.js
@@ -65,6 +65,7 @@
     $ParseProvider,
     $RootScopeProvider,
     $QProvider,
+    $$SanitizeUriProvider,
     $SceProvider,
     $SceDelegateProvider,
     $SnifferProvider,
@@ -136,6 +137,10 @@ function publishExternalAPI(angular){
 
   angularModule('ng', ['ngLocale'], ['$provide',
     function ngModule($provide) {
+      // $$sanitizeUriProvider needs to be before $compileProvider as it is used by it.
+      $provide.provider({
+        $$sanitizeUri: $$SanitizeUriProvider
+      });
       $provide.provider('$compile', $CompileProvider).
         directive({
             a: htmlAnchorDirective,
-- 
cgit v1.2.3