8000 fix(jqLite): prevent possible XSS due to regex-based HTML replacement by mgol · Pull Request #17028 · angular/angular.js · GitHub
[go: up one dir, main page]
Skip to content
This repository was archived by the owner on Apr 12, 2024. It is now read-only.

fix(jqLite): prevent possible XSS due to regex-based HTML replacement #17028

Merged
merged 3 commits into from
May 27, 2020
Merged

fix(jqLite): prevent possible XSS due to regex-based HTML replacement #17028

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
2df43c0
fix(jqLite): prevent possible XSS due to regex-based HTML replacement
mgol May 19, 2020
05cf606
fix(jqLite): apply suggestions from code review
mgol May 26, 2020
c8b7c16
fix(jqLite): improve documentation
mgol May 26, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
fix(jqLite): improve documentation
  • Loading branch information
@mgol
mgol authored May 26, 2020
commit c8b7c16b78bc3ba7486ebf9c41f4603a9f429dd1
6 changes: 3 additions & 3 deletions src/jqLite.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,9 +90,9 @@
* - [`val()`](http://api.jquery.com/val/)
* - [`wrap()`](http://api.jquery.com/wrap/)
*
* jqLite also provides a method restoring pre-1.8 insecure treatment of XHTML-like tags
* that makes input like `<div /><span />` turned to `<div></div><span></span>` instead of
* `<div><span></span></div>` like version 1.8 & newer do:
* jqLite also provides a method restoring pre-1.8 insecure treatment of XHTML-like tags.
* This legacy behavior turns input like `<div /><span />` to `<div></div><span></span>`
* instead of `<div><span></span></div>` like version 1.8 & newer do. To restore it, invoke:
* ```js
* angular.UNSAFE_restoreLegacyJqLiteXHTMLReplacement();
* ```
Expand Down
0