kylefang/angular.js
1
0
Fork 0
mirror of https://github.com/zhigang1992/angular.js.git synced 2026-04-08 09:07:46 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
bc6fb7cc94afddcb11b94f74d13812a6be1cdb64
angular.js/test
History
Jann Horn bc6fb7cc94 fix($parse): forbid referencing Object in angular expressions 
It was possible to run arbitrary JS from inside angular expressions using the
`Object.getOwnPropertyDescriptor` method like this since commit 4ab16aaa:
    ''.sub.call.call(
      ({})["constructor"].getOwnPropertyDescriptor(''.sub.__proto__, "constructor").value,
      null,
      "alert(1)"
    )()
Fix that by blocking access to `Object` because `Object` isn't accessible
without tricks anyway and it provides some other nasty functions.

BREAKING CHANGE:
This prevents the use of `Object` inside angular expressions.
If you need Object.keys, make it accessible in the scope.
2014-06-30 09:26:29 -07:00
..
auto
fix(injector): allow multiple loading of function modules
2014-06-16 20:45:49 -04:00
e2e
tests(docsAppE2E): fix race condition flake with switching to new frame
2014-05-23 11:29:17 -07:00
fixtures
fix(jqLite): make jqLite('<iframe src="someurl">').contents() return iframe document, as in jQuery
2014-02-18 18:43:59 -05:00
helpers
test(jqLite): adapt tests to new expando name
2014-06-05 14:30:44 -07:00
ng
fix($parse): forbid referencing Object in angular expressions
2014-06-30 09:26:29 -07:00
ngAnimate
fix(ngAnimate): $animate methods should accept native dom elements
2014-06-02 13:58:15 -07:00
ngCookies
fix(ngCookie): convert non-string values to string
2014-03-21 13:05:29 -07:00
ngMock
fix(injector): allow multiple loading of function modules
2014-06-16 20:45:49 -04:00
ngResource
fix(ngResource): don't convert literal values into Resource objects when isArray is true
2014-06-13 13:55:33 -07:00
ngRoute
docs(*): fix its vs it's typos.
2014-05-20 17:51:32 -04:00
ngSanitize
fix(ngSanitize): encode surrogate pair properly
2014-05-02 17:49:33 -04:00
ngScenario
perf(jqLite): implement and use the empty method in place of html(‘’)
2013-12-13 02:07:11 -08:00
ngTouch
fix(ngTouch): update workaround for desktop Webkit quirk
2014-03-21 13:05:29 -07:00
.jshintrc
fix(input): improve html5 validation support
2014-06-24 08:35:47 -04:00
AngularSpec.js
test(jqLite): adapt tests to new expando name
2014-06-05 14:30:44 -07:00
ApiSpecs.js
fix(injector): allow multiple loading of function modules
2014-06-16 20:45:49 -04:00
BinderSpec.js
feat(ngRepeat): use block separator comments
2013-10-09 15:19:10 -07:00
jqLiteSpec.js
docs(*): fix its/it's grammar
2014-05-31 18:47:28 -04:00
jquery_alias.js
fix(specs): fix jQuery to jqLite binding on IE8
2011-09-16 02:44:33 +02:00
jquery_remove.js
fix(specs): fix jQuery to jqLite binding on IE8
2011-09-16 02:44:33 +02:00
jQueryPatchSpec.js
feat(jqLite): switch bind/unbind to more recent jQuery on/off
2013-06-19 20:53:24 +01:00
loaderSpec.js
fix(loader): expose $$minErr to modules such asngResource
2013-11-21 22:51:26 -08:00
minErrSpec.js
feat(minerr): log minerr doc url in development
2013-08-15 13:23:18 -07:00