fix(ngSanitize): Blacklist the attribute usemap

Given that the attribute `name` is blacklisted, the attribute `usemap` should be
blacklisted too.

Closes: ##13826
This commit is contained in:
Lucas Mirelmann
2016-01-22 21:04:40 +01:00
parent a277bcf0f7
commit 234053fc9a
2 changed files with 2 additions and 1 deletions
+1 -1
View File
@@ -254,7 +254,7 @@ var validElements = angular.extend({},
optionalEndTagElements);
//Attributes that have href and hence need to be sanitized
var uriAttrs = toMap("background,cite,href,longdesc,src,usemap,xlink:href");
var uriAttrs = toMap("background,cite,href,longdesc,src,xlink:href");
var htmlAttrs = toMap('abbr,align,alt,axis,bgcolor,border,cellpadding,cellspacing,class,clear,' +
'color,cols,colspan,compact,coords,dir,face,headers,height,hreflang,hspace,' +
+1
View File
@@ -153,6 +153,7 @@ describe('HTML', function() {
it('should remove unsafe value', function() {
expectHTML('<a href="javascript:alert()">').toEqual('<a></a>');
expectHTML('<img src="foo.gif" usemap="#foomap">').toEqual('<img src="foo.gif">');
});
it('should handle self closed elements', function() {