Skip to content
This repository has been archived by the owner on Apr 12, 2024. It is now read-only.

Commit

Permalink
TEST
Browse files Browse the repository at this point in the history
  • Loading branch information
@petebacondarwin
petebacondarwin committed Dec 23, 2017
1 parent 33bb1d1 commit 6389ae3
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 7 deletions.
8 changes: 7 additions & 1 deletion src/ng/sanitizeUri.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,9 +69,15 @@ function $$SanitizeUriProvider() {

this.$get = function() {
return function sanitizeUri(uri, isMediaUrl) {
if (!uri) return uri;
var regex = isMediaUrl ? imgSrcSanitizationWhitelist : aHrefSanitizationWhitelist;
var normalizedVal;
normalizedVal = urlResolve(uri && uri.trim()).href;
try {
normalizedVal = urlResolve(uri.trim()).href;
} catch(e) {
console.log(uri);
throw e;
}
if (normalizedVal !== '' && !normalizedVal.match(regex)) {
return 'unsafe:' + normalizedVal;
}
Expand Down
12 changes: 6 additions & 6 deletions test/ng/compileSpec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11173,13 +11173,13 @@ describe('$compile', function() {
$rootScope.$digest();
expect(element.attr('src')).toEqual('unsafe:untrusted:foo();ponies');

element = $compile('<img src="http://{{testUrl}}"></img>')($rootScope);
$rootScope.testUrl = $sce.trustAsUrl('untrusted:foo();');
element = $compile('<img src="http://{{testUrl2}}"></img>')($rootScope);
$rootScope.testUrl2 = $sce.trustAsUrl('xyz;');
$rootScope.$digest();
expect(element.attr('src')).toEqual('http://untrusted:foo();');
expect(element.attr('src')).toEqual('http://xyz;');

element = $compile('<img src="{{testUrl}}{{testUrl}}"></img>')($rootScope);
$rootScope.testUrl = $sce.trustAsUrl('untrusted:foo();');
element = $compile('<img src="{{testUrl3}}{{testUrl3}}"></img>')($rootScope);
$rootScope.testUrl3 = $sce.trustAsUrl('untrusted:foo();');
$rootScope.$digest();
expect(element.attr('src')).toEqual('unsafe:untrusted:foo();untrusted:foo();');
}));
Expand Down Expand Up @@ -11220,7 +11220,7 @@ describe('$compile', function() {
expect(element.attr('src')).toEqual('someSanitizedUrl');

element = $compile('<img src="http://{{testUrl}}"></img>')($rootScope);
$rootScope.testUrl = $sce.trustAsUrl('javascript:foo();');
$rootScope.testUrl = $sce.trustAsUrl('xyz');
$rootScope.$digest();
expect(element.attr('src')).toEqual('someSanitizedUrl');
});
Expand Down

0 comments on commit 6389ae3

Please sign in to comment.