Compare commits

..

196 Commits

Author SHA1 Message Date
Pete Bacon Darwin 84951af9e0 chore(package.json): update dist-tag for 1.7.x 2020-06-01 13:04:39 +01:00
George Kalpakas 1e4e382c8b chore(docs.angularjs.org): upgrade Firebase libraries 2020-04-14 16:13:06 +03:00
George Kalpakas 06e50200ba chore(code.angularjs.org): upgrade Firebase libraries 2020-04-14 16:13:05 +03:00
Nishant Mittal 38f21bd422 docs(misc/Version Support Status): Minor Typo Fix
Closes #17012
2020-04-13 15:51:46 +03:00
Sam Katakouzinos 5b037321c3 docs(developers): commit message format typo
Any line of the commit message cannot be longer *than* 100 characters!

Closes #17006
2020-03-11 13:32:56 +02:00
Chives b7753b7a01 docs($aria): get the docs working for the service
Closes #16945
2020-02-07 16:24:47 +02:00
comet 509029b382 docs(*): fix spelling errors
Closes #16942
2020-02-02 11:39:01 +02:00
George Kalpakas 1d97cf9521 chore(*): fix serving of URI-encoded files on code.angularjs.org
The files served for the various versions on https://code.angularjs.org/
are retrieved by a Firebase function from a Firebase Storage bucket
(where they are deployed to from Travis CI). The files are stored
exactly as they are named on disk.

It turns out that some of the files have names with special characters
that get URI-encoded when sent to the Firebase function. For example,
`input[text].html` becomes `input%5Btext%5D.html`. As a result, the
actual file cannot be retrieved from the Storage bucket (since the name
does not match) and `index.html` is returned instead. Apparently, this
never worked, but nobody noticed or reported it until recently.

An example of a failing URL is:
https://code.angularjs.org/1.7.9/docs/api/ng/input/input%5Btext%5D

(NOTE: https://docs.angularjs.org/ works correctly, since the files are
deployed to Firebase hosting directly and not to a Storage bucket.)

This commit fixes the problem by decoding the request path before trying
to retrieve the corresponding file from the Storage bucket.

Closes #16943
2020-02-02 11:24:30 +02:00
George Kalpakas 479699fdcb chore(package): fix scripts for latest Node 10.x on Windows 2020-02-02 11:24:30 +02:00
thatshubham 95b47eb86b docs(angular.errorHandlingConfig): fix typo (wether --> whether)
Closes #16935
2020-01-14 12:26:05 +02:00
thatshubham 124241c739 docs(angular.copy): fix getter/setter formatting
Fix the formatting of `getter`/`setter` in the known limitations section
of the `angular.copy()` docs.

Closes #16934
2020-01-14 12:26:05 +02:00
Angel_Kitty 4021069223 chore(*): update copyright year to 2020
Closes #16930
2020-01-14 12:26:04 +02:00
Pete Bacon Darwin c428d4285d docs: add mention to changelog
(cherry picked from commit 36f17c9262)
2019-11-26 15:25:13 +01:00
Pete Bacon Darwin 16e18a5226 docs: add mention to changelog
(cherry picked from commit ff5f782b20)
2019-11-26 15:25:06 +01:00
Pete Bacon Darwin d257c4564d docs: release notes for 1.7.9 2019-11-19 08:24:10 +00:00
George Kalpakas 1b1684c2b2 docs($compile): fix typos and incorrect example
(cherry picked from commit 1147f0e213)
2019-11-15 16:25:30 +01:00
Pete Bacon Darwin 726f49dcf6 fix(angular.merge): do not merge __proto__ property
By blocking `__proto__` on deep merging, this commit
prevents the `Object` prototype from being polluted.
2019-11-07 15:39:57 +00:00
George Kalpakas 8a187f16c3 chore(saucelabs): switch to latest version of desktop Safari
The currently latest-1 version of desktop Safari (v12.0) on SauceLabs is
completely unstable. Switching to the latest version (currently v12.1),
which works fine.

Closes #16888
2019-07-24 15:55:47 +03:00
George Kalpakas d97e6f1695 chore(saucelabs): upgrade SauceConnect to 4.5.4 2019-07-24 15:55:47 +03:00
byronigoe 26e893a2fa docs(guide/migration): fix typo (misceallenous --> miscellaneous)
Closes #16876
2019-05-28 21:16:33 +03:00
George Kalpakas 5edd25364f fix(ngStyle): correctly remove old style when new style value is invalid
Since d6098eeb1, old styles were not removed if `newStyles` specified an
invalid value for the style (e.g. `false`). The assumption was that the
new style would overwrite the old style value, but using an invalid
value made browsers ignore the new value and thus keep the old style.
This would typically happen when guarding a style with a boolean flag;
e.g.: `ng-style="{backgroundColor: isError && 'red'}"`

This commit essentially revers commit d6098eeb1, whose main purpose was
to work around jquery/jquery#4185. The jQuery issue has been fixed in
3.4.0, so that should not be a problem any more.

Fixes #16860

Closes #16868
2019-05-09 21:27:51 +03:00
Michał Gołębiowski-Owczarek 019dded64b chore(*): update jQuery from 3.2.1 to 3.4.0
This updates jQuery to 3.4.0 to ensure future security fixes won't break it.

Closes #16863
2019-04-12 11:29:42 +02:00
Michał Gołębiowski-Owczarek 0007be1ca2 chore(*): make yarn.lock & GitHub templates identical between master & v1.7.x
Closes #16862
2019-04-12 11:27:05 +02:00
askhalil 863528f299 docs(DEVELOPERS): remove git revert misleading information
Closes #16857
2019-03-26 13:40:37 +02:00
JandersonConstantino 97aff90a2c chore(*): update copyright year 2019-03-22 07:28:48 +00:00
Pete Bacon Darwin dd26545870 docs(CHANGELOG): add 1.7.8 release notes 2019-03-11 11:30:02 +00:00
Martin Staffa a4c7bdccd7 fix(required): correctly validate required on non-input element surrounded by ngIf
Closes #16830
Closes #16836
2019-03-06 18:09:35 +01:00
Ashish Kamble edb3e22c01 docs(guide/di): clarify example description
Closes #16833
2019-03-05 22:01:01 +02:00
Pete Bacon Darwin 7446836e56 chore(scripts): use https for git repo URLs 2019-02-04 13:31:07 +00:00
Pete Bacon Darwin 3f79662d61 docs(CHANGELOG): update with 1.7.7 release notes 2019-02-04 13:04:28 +00:00
Pete Bacon Darwin e4830b9fd2 docs(RELEASE): store release instructions 2019-02-04 13:04:23 +00:00
Martin Staffa 5ad4f5562c fix(ngRequired): set error correctly when inside ngRepeat and false by default
Previously, in the required validator, we would read the required setting directly
from attr.required, where it is set by ngRequired.

However, when the control is inside ngRepeat, ngRequired sets it only after a another digest has
passed, which means the initial validation run of ngModel does not include the correct required
setting. (Before commit 0637a2124c this would not have been a problem,
as every observed value change triggered a validation).

We now use the initially parsed value from ngRequired in the validator.

Fixes #16814
Closes #16820
2019-01-26 11:31:56 +01:00
Martin Staffa 43bb414e23 docs(angular.copy): fix list of unsupported types 2019-01-21 20:36:49 +01:00
Martin Staffa 64c7c53190 docs(angular.merge): add notes about support and lodash compatibility
Closes #16187
Closes #14512
2019-01-21 20:36:49 +01:00
Martin Staffa 5075c870fd docs(angular.copy): list object types / features that are not supported
Closes #5085
Closes #13193
Closes #14352
Closes #15904
Closes #16055
Closes #16061
Closes #16067
2019-01-21 20:36:48 +01:00
Martin Staffa b9edb415b2 docs(angular.copy): add note about destination and source compatibility
Closes #15444
Closes #15462
2019-01-21 20:36:47 +01:00
Martin Staffa 7ca6543244 docs(ngParseExt): note limitations with ngOptions and ngRepeat
Closes #15954
Closes #15926
2019-01-21 20:36:47 +01:00
Martin Staffa e58b4ceed8 docs(input[email]): note limitations with IPv6 addresses
Closes #16599
2019-01-21 20:36:46 +01:00
Martin Staffa c97237bcb8 docs(ngDisabled): remove restriction to input element
Disabled can be set on many different elements, and might also be used
on custom controls, so it's better to remove the restriction completely

Closes #16775
2019-01-21 12:55:31 +01:00
Pete Bacon Darwin 8822a4ff69 chore(*): update CHANGELOG with release notes for 1.7.6 2019-01-17 09:20:48 +00:00
Jason Bedard 772440cdaf fix($compile): fix ng-prop-* with undefined values
Fixes #16797
Closes #16798
2019-01-11 10:04:26 -08:00
George Kalpakas 1fbddf950f chore(saucelabs): remove SL_Safari from browser list
Closes #16806
2019-01-10 21:42:12 +02:00
George Kalpakas 369ca3e13e chore(saucelabs): add SL_EDGE-1 to browser list 2019-01-10 21:42:12 +02:00
George Kalpakas 00d38e3358 chore(travis): suppress verbose log output and allow error logging
Based on angular/angular#27657.
2019-01-10 21:42:11 +02:00
George Kalpakas a0ed1b73ff chore(package): upgrade to latest karma-sauce-launcher
Based on angular/angular#27634.
2019-01-10 21:42:11 +02:00
George Kalpakas e44c3ac327 chore(package): upgrade to latest karma
This includes a Karma fix that affects CI flakiness.
Based on angular/angular#27735.
2019-01-10 21:42:11 +02:00
George Kalpakas c6551231b2 chore(saucelabs): use 'websocket' for transmission when possible 2019-01-10 21:42:10 +02:00
George Kalpakas bf073be69d chore(saucelabs): upgrade to latest SauceConnect 2019-01-10 21:42:10 +02:00
George Kalpakas aed34c75be test(ngHref): only run Edge-specific test on relevant Edge versions 2019-01-10 21:42:10 +02:00
Bernhard Kiselka 78e17f5729 docs(guide/Conceptual Overview): use exchangeratesapi.io
As fixer.io introduced an API key and thus a limitation of calls
(see https://github.com/fixerAPI/fixer#readme ),
change https://api.fixer.io to https://api.exchangeratesapi.io instead,
which is "designed and tested to handle thousands of request per second"
and has "built in Fixer.io compatibility so you can keep all the libraries you already like
and use daily" (from https://api.exchangeratesapi.io ).
The idea is from https://github.com/fixerAPI/fixer/issues/107

fixes  #16807

Closes #16808
2019-01-07 13:13:29 +02:00
Julien RAJERISON ba6f477ac8 docs(ISSUE_TEMPLATE.md): add Opera to browser list
Opera is indirectly supported, although not explicitly tested on (see
[here](https://docs.angularjs.org/misc/faq#what-browsers-does-angularjs-work-with-)
for more info), so it doesn't hurt adding it to the list of browsers.

Closes #16801
2018-12-29 12:46:36 +02:00
Frederik Prijck 6482297185 chore(package): rename to angular to match npm
Previously, angularjs was used as the name inside the package.json file.
However, angularjs is published to npm using angular.
To avoid conflicts, the name is updated to reflect the same name as being published on npm.

Fixes #16799

Closes #16800
2018-12-27 20:29:11 +02:00
Pete Bacon Darwin 41deaf1d21 test(ngAnimate): ensure that blockTransitions can be spied upon
Previously the test was assuing that this function was attached to
the window, which is not the case in production, nor in the isolated
module tests.
2018-12-12 08:10:44 +00:00
Pete Bacon Darwin 23e4138c07 chore(modules): execute modules unit tests in one karma run
SauceLabs  is struggling to keep connecting and disconnecting
for each of the modules unit test runs. This commit puts most of
the module tests into IIFEs so that they can be run in one go.

* ngMock is still tested separately since unlike the other tests
it doesn't want to have a pre-built version of ngMock available.

* ngAnimate is still tested separately because it does some funny
things with globals that were difficult to isolate in the main modules
test run.
2018-12-12 08:10:12 +00:00
Pete Bacon Darwin 0ffb30f585 chore(utils): do not mutate source arrays 2018-12-12 08:09:59 +00:00
Pete Bacon Darwin 6f52013668 test(*): isolate cache leaks from subsequent tests 2018-12-12 08:09:42 +00:00
Michał Gołębiowski-Owczarek 07e1ba29f0 test(ngSanitize): disable a failing Edge test in all versions, including 18
It's been only disabled on Edge 16/17 so far which made it fail in Edge 18.

Closes #16786
2018-12-09 03:23:44 +01:00
Pete Bacon Darwin 04c64b3d10 chore(code.angularjs.org): fix directory list paging 2018-12-06 10:34:57 +00:00
Pete Bacon Darwin 4d9a95ffdb chore(code.angularjs.org): update firebase libraries 2018-12-06 10:34:47 +00:00
Michał Gołębiowski-Owczarek 27486bd15e fix(compile): properly handle false value for boolean attrs with jQuery
jQuery skips special boolean attrs treatment in XML nodes for historical reasons
and hence AngularJS cannot freely call `.attr(attrName, false) with such
attributes. To avoid issues in XHTML, call `removeAttr` in such cases instead.

Ref jquery/jquery#4249
Fixes #16778
Closes #16779
2018-12-06 10:09:55 +01:00
Jason Bedard cf919a6fb7 fix(ngRepeat): fix reference to last collection value remaining across linkages
Ref #16776
2018-12-06 10:09:47 +01:00
Jason Bedard d4d1031bcd fix(ngRepeat): fix trackBy function being invoked with incorrect scope
Also fixes a leak of that scope across all further instances of the
repeated element.

Fixes #16776
Closes #16777
2018-12-06 10:09:38 +01:00
Joseph Jacobs 798114075f docs(tutorial/step_3): clarify how components are mapped to HTML elements
Closes #16768
2018-12-05 18:59:20 +02:00
Anthony X 838dd12ee1 docs(tutorial/step_6): fix experiment description
In the experiments section, it is suggested to add a `-` symbol to
`<option value="age">Oldest</option>`. This change is made to reverse
the sort order when selecting the `age` option.

However, this change affects the default `$ctrl.orderProp` that we had
set in `phone-list.component.js`. After making the change, our default
when refreshing the page is "Sort by: [blank]".

This commit adds some additional documentation to clarify that this
behavior makes sense and that the reader should try and fix this within
`phone-list.component.js`.

Closes #16781
2018-12-05 17:24:40 +02:00
Martin Staffa 6926223963 perf(input): prevent multiple validations on initialization
This commit updates in-built validators with observers to prevent
multiple calls to $validate that could happen on initial linking of the directives in
certain circumstances:

- when an input is wrapped in a transclude: element directive (e.g. ngRepeat),
the order of execution between ngModel and the input / validation directives changes so that
the initial observer call happens when ngModel has already been initalized,
leading to another call to $validate, which calls *all* defined validators again.
Without ngRepeat, ngModel hasn't been initialized yet, and $validate does not call the validators.

When using validators with scope expressions, the expression value is not available when
ngModel first runs the validators (e.g. ngMinlength="myMinlength"). Only in the first call to
the observer does the value become available, making a call to $validate a necessity.

This commit solves the first problem by storing the validation attribute value so we can compare
the current value and the observed value - which will be the same after compilation.

The second problem is solved by parsing the validation expression once in the link function,
so the value is available when ngModel first validates.

Closes #14691 
Closes #16760
2018-12-05 14:10:09 +01:00
Martin Staffa 5f8372ee2d chore(Saucelabs): increase max session duration
We have amassed so many e2e tests, that the default 30 minute
Saucelabs session limit is often not enough, especially during
the week, when the VMs are under heavy load.
2018-12-05 08:31:03 +01:00
Eirik Blakstad 289374a43c fix(aria/ngClick): check if element is contenteditable before blocking spacebar
`ngAria`'s `ngClick` blocks spacebar keypresses on non-blacklisted
elements, which is an issue when the element is `contenteditable`.

Closes #16762
2018-12-02 13:19:47 +02:00
Pete Bacon Darwin 3b333f3b9f chore(package): update protractor & webdriver dependencies 2018-12-02 10:06:18 +00:00
Jason Bedard 7cbb1044fc fix(input): prevent browsers from autofilling hidden inputs
Autofilling with previous values (which will then be `$interpolate`ed) could lead to XSS or errors
2018-12-02 09:48:46 +00:00
Martin Staffa a8bfeff5d8 chore(travis): put unit module tests into separate job
They take a lot of time since we created different karma jobs for them
2018-11-26 14:53:33 +01:00
Martin Staffa fc0e100c45 chore(saucelabs): always test 2 latest Safari versions
Safari 10 does not finish the tests, but Safari 11 and 12 do
2018-11-26 14:53:32 +01:00
Martin Staffa eb49f6b755 revert: fix(Angular): add workaround for Safari / Webdriver problem
This reverts commit 6b915ad9db.
Karma has this workaround built in since 3.1.0:
https://github.com/karma-runner/karma/commit/873e4f9
2018-11-26 14:53:31 +01:00
Martin Staffa f9e651d113 chore(*): update karma
This allows us to remove the workaround added in #16645
2018-11-26 14:53:23 +01:00
Jason Bedard 2f72a69ded fix($browser): normalize inputted URLs
Calls to `$browser.url` now normalize the inputted URL ensuring multiple
calls only differing in formatting do not force a browser `pushState`.

Normalization is done the same as the browser location URL and may
differ per browser and may be changed by browsers. Today no browsers
fully normalize URLs so this does not fix all instances of this issue.

See #16100
Closes #16606
2018-11-26 14:50:39 +01:00
Jason Bedard 8a67ac57fc test($browser): update MockWindow to normalize URLs similar to real window.location 2018-11-26 14:50:39 +01:00
Pete Bacon Darwin 90a41d415c fix(interpolate): do not create directives for constant media URL attributes
By creating attribute directives that watch the value of
media url attributes (e.g. `img[src]`) we caused a conflict
when both `src` and `data-src` were appearing on the
same element. As each directive was trying to write to the
attributes on the element, where AngularJS treats `src` and
`data-src` as synonymous.

This commit ensures that we do not create create such directives
when the media url attribute is a constant (no interpolation).

Because of this (and because we no longer sanitize URLs in the
`$attr.$set()` method, this commit also updates `ngHref` and
`ngSrc` to do a preliminary sanitization of URLs in case there
is no interpolation in the attribute value.

Fixes #16734
2018-11-20 14:12:22 +00:00
Volker Braun eefaa76a90 fix($q): allow third-party promise libraries
For testing, it can be useful to overwrite `$q` with other promise
implementions, such as Bluebird + angular-bluebird-promises. This broke
in v1.6.x with "TypeError: Cannot set property 'pur' of undefined".

Closes #16164

Closes #16471
2018-11-15 17:39:49 +02:00
Alejandro López bc3432365c test(e2e): replace the deprecated browser.getLocationAbsUrl() with browser.getCurrentUrl()
According to angular/protractor#3969, `browser.getLocationAbsUrl()` is
now deprecated and `browser.getCurrentUrl()` should be used instead.

Closes #16053
2018-11-15 17:14:05 +02:00
George Kalpakas f4ac5c8487 docs(tutorial): mention that Protractor might need upgrading
Since Protractor requires specific WebDriver versions and these are only
compatible with specific browser version ranges, it is often necessary
to upgrade Protractor just so that it picks up a more recent WebDriver
version.
Related: #16739

Closes #16753
2018-11-15 16:50:10 +02:00
George Kalpakas 9f2f567167 docs(tutorial): explain how to upgrade dependencies
Related: angular/angular-seed#439
2018-11-15 16:50:10 +02:00
George Kalpakas 3e6f49a227 docs(tutorial): replace getLocationAbsUrl() with getCurrentUrl()
Protractor's `browser.getLocationAbsUrl()` has been deprecated and
`browser.getCurrentUrl()` is the recommended alternative.
Related: angular/angular-phonecat#430
2018-11-15 16:50:09 +02:00
George Kalpakas 795398fab0 docs(tutorial): switch from bower to npm and upgrade AngularJS to 1.7.x
Related: angular/angular-phonecat#430
2018-11-15 16:50:08 +02:00
George Kalpakas f1a34bad20 docs(tutotial): switch all links to https 2018-11-15 16:50:07 +02:00
teresy 84a6ea9eb4 refactor(production): remove duplicate expression
Remove a duplicate expression (the left and right sides both check `versionInfo.currentVersion.version`). [48f0957](https://github.com/angular/angular.js/blob/48f0957dde728b050e2d8f76db81cbf12cffd42a/docs/config/services/deployments/production.js#L18) is the most recent commit I found where these expressions differ. My best guess is the duplicated expression can be removed.

Closes #16738
2018-11-15 16:08:12 +02:00
George Kalpakas ff0ef2aeaf test(ngOn*): add tests for binding to camelCased event names
Closes #16757
2018-11-12 13:19:32 +02:00
George Kalpakas c81e3556e8 test($compile): fix incorrect markup in tests 2018-11-12 13:19:32 +02:00
George Kalpakas 8cc69b9edb chore(i18n): fix UCD extraction for Node 10.x
Previously (e.g. Node.js 8.x), the 3rd argument to `fs.writeFile()`
(i.e. the callback) could be undefined. On Node.js 10.x, this throws an
error.

This commit fixes it by switching to `fs.writeFileSync()` which seems to
have been the original intention (based on the sorrounding code).
2018-11-12 13:19:31 +02:00
George Kalpakas ae8ce3ec60 chore(docs): fix rendering of methods' this type 2018-11-12 13:19:31 +02:00
George Kalpakas df0d5d245e chore(package): fix scripts for Node 10.x on Windows 2018-11-12 13:19:31 +02:00
Daniel Breen 67ec5e8ceb docs(guide/migration): fix typos, change 'ctrk' to 'ctrl'
Closes #16754
2018-11-02 19:35:34 +02:00
Daniel Breen 4df2188e96 docs(changelog): fix typos, change 'ctrk' to 'ctrl' 2018-11-02 19:35:34 +02:00
Hallstein Brøtan 816a587578 docs(guide/Developer Guide): correct broken link
The blog post "Creating multilingual support using AngularJS" has moved. Corrected the URL.

Closes #16746
2018-10-29 11:00:20 +02:00
Michał Gołębiowski-Owczarek 0e1bd7822e fix(urlUtils): make IPv6 URL's hostname wrapped in square brackets in IE/Edge
IE 9-11 and Edge 16-17 (fixed in 18 Preview) incorrectly don't wrap IPv6
addresses' hostnames in square brackets when parsed out of an anchor element.

Fixes #16692
Closes #16715
2018-10-18 11:45:53 +02:00
George Kalpakas b27080d525 fix(ngAnimateSwap): make it compatible with ngIf on the same element
Previously, both `ngAnimateSwap` and `ngIf` had a priority of 600, which
meant that (while both are [terminal directives][1]) they were executed
on top of each other (essentially messing each other's comment node).

This commit fixes it, by giving `ngAnimateSwap` a priority of 550, which
is lower than `ngIf` but still higher than other directives.

For reference, here is a list of built-in directive per priority:

```
-400: ngInclude, ngView
  -1: ngRef
   1: ngMessage, ngMessageDefault, ngMessageExp, ngModel, select
  10: ngModelOptions
  99: ngHref, ngSrc, ngSrcset
 100: attr interpolation, ngChecked, ngDisabled, ngList, ngMax,
      ngMaxlength, ngMin, ngMinlength, ngModel (aria), ngMultiple,
      ngOpen, ngPattern, ngProp*, ngReadonly, ngRequired, ngSelected,
      ngStep, ngValue, option
 400: ngInclude, ngView
 450: ngInit
 500: ngController
 600: ngAnimateSwap, ngIf
1000: ngNonBindable, ngRepeat
1200: ngSwitchDefault, ngSwitchWhen
```

[1]: https://docs.angularjs.org/api/ng/service/$compile#-terminal-

Fixes #16616

Closes #16729
2018-10-15 23:25:45 +03:00
George Kalpakas 1a509873bf refactor(ngAnimateSwap): remove unnecessary inject() from tests 2018-10-15 23:25:12 +03:00
Martin Staffa fead62e958 test(modules): properly isolate module tests
Closes #16712
2018-10-15 15:12:13 +02:00
Martin Staffa e2011bd0b3 docs(ngMock/ngMockE2E.$httpBackend): fix method name to matchLatestDefinitionEnabled
See #16702
2018-10-15 15:12:12 +02:00
Martin Staffa 3cdffcecba fix(ngMock): make matchLatestDefinitionEnabled work
Fixes #16702
2018-10-15 15:12:11 +02:00
Michał Gołębiowski-Owczarek f87d6648d7 chore(*): update Sauce Connect from 4.4.12 to 4.5.1
Sauce Connect 4.5.0 fixes "a major bug in connection state logic that caused
clients to exit prematurely".
See https://wiki.saucelabs.com/display/DOCS/Sauce+Connect+Proxy+Change+Logs
This will possibly improve the stability of our test runs.

Closes #16730
2018-10-15 12:59:28 +02:00
Michał Gołębiowski-Owczarek b1d0a83d01 chore(*): update minimum Yarn version, do some Yarn-related cleanups
Included changes:

*Update minimum Yarn version from 1.3.2 to 1.10.1*

Yarn 1.10 added the integrity field to the lockfile, making newer Yarn users
have their lockfile changed a lot if they run `yarn`. This commit updates the
required Yarn version to be at least 1.10.1 and changes Travis & Jenkins to use
Yarn 1.10.1

*Change the package.json's engines grunt field to grunt-cli*

The grunt field suggested it's the grunt package version we're checking while
we check the grunt-cli version instead.

*Stop separating Yarn script arguments from script names via " -- "*

The " -- " separator is necessary in npm but not in Yarn. In fact, it's
deprecated in Yarn and some future version is supposed to start passing this
parameter directly to the scripts which may break them.

*Don't install grunt-cli globally during the build*

It's enough to use `yarn grunt` instead of `grunt` and the global grunt-cli
installation is no longer needed.

*Use `yarn grunt` instead of `yarn run grunt`*

The former form is shorter.

*Don't define the `grunt` Yarn script*

As opposed to npm, `yarn binName` invokes a binary named `binName` exposed
by the respective package so the `grant` Yarn script is no longer needed.

*Allow Node versions newer than 8; bump the minimum*

Closes #16714
2018-10-11 16:36:49 +02:00
itchyny d6098eeb1c fix(ngStyle): skip setting empty value when new style has the property
Previously, all the properties in oldStyles are set to empty value once.
Using AngularJS with jQuery 3.3.1, this disables the CSS transition as
reported in jquery/jquery#4185.

Closes #16709
2018-10-04 17:03:21 +02:00
Pete Bacon Darwin c903b76f6c docs(changelog): add 1.7.5 release notes 2018-10-04 14:59:37 +01:00
George Kalpakas f3a565872d fix(ngClass): do not break on invalid values
Previously, when an `ngClass` expression evaluated to something that was
not a string, array or object (and was truthy), an error would be thrown
while trying to call `.split()` on a non-string value. This error was
not very helpful for the user to identify the root cause of the problem.

This commit fixes it by ensuring such values are converted to string.

Fixes #16697

Closes #16699
2018-09-20 12:20:50 +03:00
Sibiraj 582b03b983 docs(*): update LTS information in README.md and docs landing page
Closes #16688
2018-09-10 21:00:30 +03:00
Pete Bacon Darwin be240b1176 docs(changelog): add 1.7.4 release notes 2018-09-07 09:57:37 +01:00
Martin Staffa 61b33543ff fix(ngAria.ngClick): preventDefault on space/enter only on non-interactive elements
Fixes #16664
Closes #16680
2018-09-06 15:59:19 +02:00
Martin Staffa 1dcba9cd88 chore(benchpress): add ngRepeat animation benchmark
Closes #13976
2018-09-06 15:46:25 +02:00
Michał Gołębiowski-Owczarek 8cd54d7794 docs(version-support-status): remove outdated info, resolve inconsistencies
Closes #16684
2018-09-06 15:42:24 +02:00
Martin Staffa 3105b2c26a fix(ngAnimate): remove prepare classes with multiple structural animations
Closes #16681
Closes #16677
2018-09-06 15:42:18 +02:00
Craig Johnson bc5a48d4a4 docs(guide): grammar correction in security guide
Closes #16683
2018-09-06 15:42:00 +02:00
George Kalpakas 2bbc7c464f refactor(ngMocks): simplify routeToRegExp by assuming path has query/hash stripped off
Closes #16672
2018-08-26 00:00:03 +03:00
George Kalpakas e85f91d582 refactor(ngMocks): clean up MockHttpExpectation 2018-08-26 00:00:01 +03:00
George Kalpakas 862a78dfd2 refactor(ngMocks): ignore query/hash when extracting path params for MockHttpExpectation 2018-08-25 23:59:59 +03:00
George Kalpakas bd772abf34 refactor(ngMocks): clean up MockHttpExpectation#params() 2018-08-25 23:59:57 +03:00
George Kalpakas b074d719ae refactor(ngRoute): do not unnecessarily return originalPath in routeToRegExp 2018-08-25 23:59:56 +03:00
George Kalpakas a43a40b778 test(ngMocks): use correct method name in $httpBackend test 2018-08-25 23:59:54 +03:00
Susisu 2ceeb739f3 fix($route): correctly extract path params if path contains question mark or hash
The `routeToRegExp()` function, introduced by 840b5f0, could not extract
path params if the path contained question mark or hash. Although these
characters would normally be encoded in the path, they are decoded by
`$location.path()`, before being passed to the RegExp returned by
`routeToRegExp()`.

`routeToRegExp()` has to be able to deal with both encoded URL and
decoded path, because it is being shared between `ngRoute` and
`ngMocks`.

This commit fixes the issue, by introducing an `isUrl` option that
allows creating an appropriate RegExp for each usecase.
2018-08-25 23:59:53 +03:00
George Kalpakas fa715abf45 chore(doc-gen): upgrade dgeni-packages to 0.26.5
Related: #16671, angular/dgeni-packages#271
2018-08-23 15:08:29 +03:00
George Kalpakas f943e377e8 docs(angular.copy): fix formatting
Using `<br>` messes formatting (due to a bug in
`dgeni`/`dgeni-packages`). This started breaking in c387e0d79.

Fixes #16671
2018-08-21 11:46:06 +03:00
Martin Staffa 30084c1369 fix(ngHref): allow numbers and other objects in interpolation
Interpolated content in ngHref must be stringified before being passed to $$sanitizeUri by $sce. Before 1.7.x, the sanitization had happened on the already interpolated value inside $compile.

Closes #16652
Fixes #16626
2018-08-20 20:05:20 +02:00
Martin Staffa 668a33da34 fix(select): allow to select first option with value undefined
Previously, the value observer incorrectly assumed a value had changed even if
it was the first time it was set, which caused it to remove an option with
the value `undefined` from the internal option map.

Fixes #16653
Closes #16656
2018-08-08 09:18:10 +02:00
John Mantas 19e2347759 docs(ngRepeat): redundant "and" on line 77
Closes #16657
2018-08-07 16:21:28 +03:00
George Kalpakas f17292e1b5 docs(guide/migration): fix typos, format inline code 2018-08-06 15:52:32 +03:00
Martin Staffa 77b4330011 docs(select): remove solved known issue
The issue in question has been resolved some time in 2017.
The bug report is still open, but the behavior has changed:
https://bugzilla.mozilla.org/show_bug.cgi?id=126379

Let's hope they have tests for this!

Related #9134
2018-08-03 18:20:53 +02:00
Martin Staffa 7717de4c51 docs(CHANGELOG.md): add changes for 1.7.3 2018-08-03 13:35:40 +02:00
Jason Bedard e68697e2e3 fix($location): fix infinite recursion/digest on URLs with special characters
Some characters are treated differently by `$location` compared to `$browser` and
the native browser. When comparing URLs across these two services this must be
taken into account.

Fixes #16592
Closes #16611
2018-08-03 13:12:28 +02:00
Martin Staffa a02ed88279 docs($compile): add docs for ngProp and ngOn bindings
The docs are written as if ngProp and ngOn were regular directives,
which makes them easier to find.

Closes #16627
2018-08-03 12:28:27 +02:00
Jason Bedard a5914c94a8 feat($compile): add support for arbitrary DOM property and event bindings
Properties:

Previously only arbitrary DOM attribute bindings were supported via interpolation such as
`my-attribute="{{expression}}"` or `ng-attr-my-attribute="{{expression}}"`, and only a set of
distinct properties could be bound. `ng-prop-*` adds support for binding expressions to any DOM
properties. For example `ng-prop-foo="x"` will assign the value of the expression `x` to the
`foo` property, and re-assign whenever the expression `x` changes.

Events:

Previously only a distinct set of DOM events could be bound using directives such as `ng-click`,
`ng-blur` etc. `ng-on-*` adds support for binding expressions to any DOM event. For example
`ng-on-bar="barOccured($event)"` will add a listener to the "bar" event and invoke the
`barOccured($event)` expression.

Since HTML attributes are case-insensitive, property and event names are specified in snake_case
for `ng-prop-*` and `ng-on-*`. For example, to bind property `fooBar` use `ng-prop-foo_bar`, to
listen to event `fooBar` use `ng-on-foo_bar`.

Fixes #16428
Fixes #16235
Closes #16614
2018-08-03 12:28:17 +02:00
Jason Bedard 63c9c9e8d7 refactor($compile): move img[srcset] sanitizing to helper method 2018-08-03 12:28:08 +02:00
Georgii Dolzhykov 4adbf82a84 fix(ngMock): pass failed HTTP expectations to $exceptionHandler
This was only partially fixed in f18dd2957.

Closes #16644
2018-07-31 14:36:33 +03:00
George Kalpakas 1144b1eccb fix($location): avoid unnecessary $locationChange* events due to empty hash
Fixes #16632

Closes #16636
2018-07-30 23:39:46 +03:00
George Kalpakas 8970087e58 test($location): add assertion 2018-07-30 23:39:45 +03:00
George Kalpakas 131e62a819 refactor($browser): correctly export helper used in specs
The helper is used in `fakeWindow.location.hash`. ATM, no test is using
the `hash` getter, so there were no errors.
2018-07-30 23:39:44 +03:00
George Kalpakas 2fad638237 refactor($location): remove unnecessary capturing group in RegExp 2018-07-30 23:39:44 +03:00
George Kalpakas a0940895a2 refactor($location): minor changes (unused deps, exported globals, unused deps, etc) 2018-07-30 23:39:43 +03:00
Martin Staffa 0a1db2ad5f fix(Angular): add workaround for Safari / Webdriver problem
Closes #16645
2018-07-28 13:50:25 +03:00
George Kalpakas 4bd4246906 fix($animate): avoid memory leak with $animate.enabled(element, enabled)
When disabling/enabling animations on a specific element (via
`$animate.enabled(element, enabled)`), the element is added in a map to
track its state. Previously, the element was never removed from the map,
causing AngularJS to hold on to the element even after it is removed
from the DOM, thus preventing it from being garbage collected.

This commit fixes it by removing the element from the map on `$destroy`.

Fixes #16637.

Closes #16649
2018-07-27 20:48:38 +03:00
Martin Staffa 05ac702bc7 fix($compile): use correct parent element when requiring on html element
Fixes #16535
Closes #16647
2018-07-27 17:11:16 +02:00
Martin Staffa 6882113bc1 fix(ngEventDirs): pass error in handler to $exceptionHandler when event was triggered in a digest
This ensures that the error handling is the same for events triggered inside and outside a digest.
2018-07-25 13:39:33 +02:00
Mark Gardner 535ee32a0b fix(ngEventDirs): don't wrap the event handler in $apply if already in $digest
Digest cycle already in progress error can inadvertently be caused when triggering an
element's click event while within an active digest cycle. This is due to the ngEventsDirs
event handler always calling $rootScope.$apply regardless of the status of $rootScope.$$phase.
Checking the phase and calling the function immediately if within an active digest cycle
will prevent the problem without reducing current functionality.

Closes #14673
Closes #14674
2018-07-25 13:39:29 +02:00
George Kalpakas 7cf4a2933c fix(angular.element): do not break on cleanData() if _data() returns undefined
This shouldn't happen in supported jQuery versions (2+), but if someone
uses the unsupported 1.x version the app will break. The change that
causes this new behavior was introduced in b7d396b8b.

Even though jQuery 1.x is not supported, it is worth avoiding the
unnecessary breakage (given how simple).

Fixes #16641

Closes #16642
2018-07-23 14:22:11 +03:00
George Kalpakas 7dd6c87eec docs(browserTrigger): document eventData.data property 2018-07-22 19:09:50 +03:00
George Kalpakas 17f963c5d8 docs($route): fix typo (inluding --> including) 2018-07-22 18:45:49 +03:00
Jason Bedard ba09ba5344 refactor($location): move repeated path normalization code into helper method (#16618)
Closes #16618
2018-07-22 18:01:03 +03:00
George Kalpakas 8c36a43e91 docs(ngMock/$interval.flush): fix param type (not optional)
Closes #16640
2018-07-22 17:33:16 +03:00
George Kalpakas af14d67b84 chore(saucelabs): upgrade sauce-connect to latest version
Closes #16639
2018-07-21 13:40:35 +03:00
George Kalpakas c8acff1cdc chore(karma): upgrade karma and related dependencies to latest versions 2018-07-21 13:40:34 +03:00
George Kalpakas 876e9842a2 docs(ngMocks): fix type for $flushPendingTasks/$verifyPendingsTasks
Closes #16638
2018-07-21 10:47:01 +03:00
George Kalpakas 5cb9465093 docs(ngMock/$timeout): deprecate flush() and verifyNoPendingTasks()
Closes #16603
2018-07-13 13:37:22 +03:00
George Kalpakas 58f9413ad3 docs(ngMock/$timeout): recommend $verifyNoPendingTasks() when appropriate
For historical reasons, `$timeout.verifyNoPendingTasks()` throws if
there is any type of task pending (even if it is not a timeout). When
calling `$timeout.verifyNoPendingTasks()`, the user is most likely
interested in verifying pending timeouts only, which is now possible
with `$verifyNoPendingTasks('$timeout')`.

To raise awareness of `$verifyNoPendingTasks()`, it is mentioned in the
error message thrown by `$timeoutverifyNoPendingTasks()` if none of the
pending tasks is a timeout.
2018-07-13 13:37:20 +03:00
George Kalpakas 6f7674a7d0 feat(ngMock): add $flushPendingTasks() and $verifyNoPendingTasks()
`$flushPendingTasks([delay])` allows flushing all pending tasks (or up
to a specific delay). This includes `$timeout`s, `$q` promises and tasks
scheduled via `$rootScope.$applyAsync()` and `$rootScope.$evalAsync()`.
(ATM, it only flushes tasks scheduled via `$browser.defer()`, which does
not include `$http` requests and `$route` transitions.)

`$verifyNoPendingTasks([taskType])` allows verifying that there are no
pending tasks (in general or of a specific type). This includes tasks
flushed by `$flushPendingTasks()` as well as pending `$http` requests
and in-progress `$route` transitions.

Background:
`ngMock/$timeout` has `flush()` and `verifyNoPendingTasks()` methods,
but they take all kinds of tasks into account which is confusing. For
example, `$timeout.verifyNoPendingTasks()` can fail (even if there are
no pending timeouts) because of an unrelated pending `$http` request.

This behavior is retained for backwards compatibility, but the new
methods are more generic (and thus less confusing) and also allow
more fine-grained control (when appropriate).

Closes #14336
2018-07-13 13:37:17 +03:00
George Kalpakas 8dc153db75 refactor($browser): share task-tracking code between $browser and ngMock/$browser
This avoids code/logic duplication and helps the implementations stay
in-sync.
2018-07-13 13:37:15 +03:00
George Kalpakas 4a6f0996f6 refactor($interval): share code between $interval and ngMock/$interval
This avoids code/logic duplication and helps the implementations stay
in-sync.
2018-07-13 13:37:12 +03:00
George Kalpakas 522d581fc9 refactor(ngMock/$interval): more closely follow actual $interval's internal implementation 2018-07-13 13:36:38 +03:00
George Kalpakas 17b139f107 feat(*): implement more granular pending task tracking
Previously, all pending async tasks (tracked via `$browser`) are treated
the same. I.e. things like `$$testability.whenStable()` and
`ngMock#$timeout.verifyNoPendingTasks()` take all tasks into account.

Yet, in some cases we might be interested in specific tasks only. For
example, if one wants to verify there are no pending `$timeout`s, they
don't care if there are other pending tasks, such as `$http` requests.
Similarly, one might want to get notified when all `$http` requests have
completed and does not care about pending promises.

This commit adds support for more granular task tracking, by enabling
callers to specify the type of task that is being added/removed from the
queue and enabling listeners to be triggered when specific types of
tasks are completed (even if there are more pending tasks of different
types).

The change is backwards compatible. I.e. calling the affected methods
with no explicit task-type, behaves the same as before.

Related to #14336.
2018-07-13 13:35:50 +03:00
George Kalpakas 10973c3366 fix($compile): work around Firefox DocumentFragment bug
DOM nodes passed to `compilationGenerator()` will eventually be wrapped
in `jqLite`, when the compilation actually happens. In Firefox 60+,
there seems to be a `DocumentFragment`-related bug that sometimes causes
the `childNodes` to be empty at the time the compilation happens.

This commit works around this bug by eagerly wrapping `childNodes` in
`jqLite`.

NOTE:
The wrapped nodes have references to their `DocumentFragment` container.
This is "by design", since we want to be able to traverse the nodes via
`nextSibling` (in order to correctly handle multi-element directives).

Once the nodes are compiled, they will be either moved to a new
container element or the `jqLite` wrapper is release making them
eligible for garbage collection. In both cases, the original
`DocumentFragment` container should be eligible for garbage collection
too.

Fixes #16607

Closes #16615
2018-07-09 21:27:26 +03:00
Martin Staffa fc64e68076 feat($animate): add option data to event callbacks
Closes #12697
Closes #13059
2018-07-09 17:11:24 +02:00
Martin Staffa ac5e92de9b docs($animate): clarify possible options and fired events 2018-07-09 17:11:19 +02:00
Matias Niemelä 0936353e9a perf(ngAnimate): avoid repeated calls to addClass/removeClass when animation has no duration
Background:
ngAnimate writes helper classes to DOM elements to see if animations are defined on them. If many
elements have the same definition, and the same parent, we can cache the definition and skip the
application of the helper classes altogether. This helps particularly with large ngRepeat
collections.

Closes #14165
Closes #14166
Closes #16613
2018-07-05 19:46:11 +02:00
Martin Staffa ed22d2fe7b docs(changelog, guide/Migration): add info about $sce BC in 1.7
Closes #16593
Closes #16622
2018-07-05 19:46:10 +02:00
Martin Staffa a5cfa88630 docs(guide/Using Location): change / remove obsolete information 2018-07-05 19:46:09 +02:00
Martin Staffa bbf74f9994 docs(*): fix headlines 2018-07-05 19:46:09 +02:00
Atef Ben Ali 62ad450d60 docs(guide/component): add missing :
Add `:` to `Components have a well-defined lifecycle` title.

Closes #16620
2018-06-29 11:10:55 +03:00
Martin Staffa faa4b17c86 chore: fix eslint error 2018-06-23 17:57:24 +02:00
Pete Bacon Darwin 4d980a8771 chore(docs-app): ensure ToC links contain the path
Without the path the link is always pointing to the
root page, rather than the current page, which means
that copying the link address or opening the page in
a new tab is broken.

Closes #16608
2018-06-22 21:59:46 +01:00
Ilia Choly 369469b4f3 fix(grunt-utils): correctly detect java 32bit support
Closes #16605
2018-06-20 21:14:19 +03:00
Georgii Dolzhykov be417f2854 fix(ngMock/$httpBackend): correctly ignore query params in {expect,when}Route
Previously, a route definition such as
`$httpBackend.whenRoute('GET', '/route/:id')` matched against a URL with
query params, for example `/route/1?q=foo`, would incorrectly include
the query params in `id`: `{id: '1?q=foo', q: 'foo'}`.

This commit fixes it, so that the extracted `params` will now be:
`{id: '1', q: 'foo'}`.

Fixes #14173

Closes #16589
2018-06-18 19:50:10 +03:00
George Kalpakas 3a517c25f6 fix(ngAria): do not scroll when pressing spacebar on custom buttons
By default, pressing spacebar causes the browser to scroll down.
However, when a native button is focused, the button is clicked instead.

`ngAria`'s `ngClick` directive, sets elements up to behave like buttons.
For example, it adds `role="button"` and forwards `ENTER` and `SPACEBAR`
keypresses to the `click` handler (to emulate the behavior of native
buttons).

Yet, pressing spacebar on such an element, still invokes the default
browser behavior of scrolling down.

This commit fixes this, by calling `preventDefault()` on the keyboard
event, thus preventing the default scrolling behavior and making custom
buttons behave closer to native ones.

Closes #14665

Closes #16604
2018-06-18 18:49:50 +03:00
George Kalpakas 29b8dcf387 refactor(ngAria): clean up accessible actions tests 2018-06-18 18:49:21 +03:00
Martin Staffa c9d1e690aa feat(form.FormController): add $getControls()
Closes #16601
Fixes #14749
Closes #14517
Closes #13202
2018-06-18 16:05:39 +02:00
Martin Staffa a47247b5e0 docs(downloading.ngdoc): remove link to Google CDN overview page
AngularJS is no longer listed on the CDN page, because the available versions
were almost always out of date due to the need to manually update the list
2018-06-15 16:18:14 +02:00
Martin Staffa b682213d72 feat(ngModelOptions): add timeStripZeroSeconds and timeSecondsFormat
Closes #10721
Closes #16510
Closes #16584
2018-06-13 13:20:37 +02:00
George Kalpakas 223cf2b5bb docs(CHANGELOG): add release notes for 1.7.2 2018-06-12 16:34:38 +03:00
George Kalpakas c387e0d79d chore(doc-gen): error on unmatched links
Closes #16597
2018-06-12 14:45:22 +03:00
George Kalpakas cbf74d5d64 docs(*): fix dangling or ambiguous links 2018-06-12 14:45:06 +03:00
George Kalpakas a812327acd revert: refactor($compile): remove preAssignBindingsEnabled leftovers
This reverts commit 8e104ee508.

This internal clean-up turned out to break popular UI libraries (e.g.
`ngMaterial`, `ui-bootstrap`) and cause pain to developers.

Fixes #16594

Closes #16595
2018-06-11 17:09:48 +03:00
George Kalpakas 35fce310e9 docs(CHANGELOG): fix links to issues/PRs 2018-06-08 17:10:08 +03:00
George Kalpakas 93a754a490 docs(CHANGELOG): add release notes for 1.7.1 2018-06-08 16:26:22 +03:00
Georgios Kalpakas 7d9d387195 feat(ngAria): add support for ignoring a specific element
Fixes #14602
Fixes #14672

Closes #14833
2018-06-08 11:23:37 +03:00
Georgios Kalpakas feac52d840 refactor(ngAria): move test helpers inside of closure 2018-06-08 11:23:26 +03:00
Georgios Kalpakas f4f571efdf feat($route): add support for the reloadOnUrl configuration option
Enables users to specify that a particular route should not be reloaded after a
URL change (including a change in `$location.path()`), if the new URL maps to
the same route.
The default behavior is still to always load the matched route when any part of
the URL changes.

Related to #1699, #5860, #14999 (potentially closing the first two).

Fixes #7925

Closes #15002
2018-06-08 11:01:35 +03:00
Martin Staffa a8c263c194 feat(ngMessages): add support for default message
add support for showing default message when a truthy value is not matched by an ng-message directive.

Closes #12008
Closes #12213
Closes #16587
2018-06-06 17:54:59 +02:00
Martin Staffa 3d6c45d76e feat(errorHandlingConfig): add option to exclude error params from url
Specific errors, such as those during nested module loading, can create very long
error urls because the error message includes the error stack. These urls create visual
clutter in the browser console, are often not clickable, and may be rejected
by the docs page because they are simply too long.

We've already made improvements to the error display in #16283, which excludes
the error url from error parameters, which results in cleaner error messages.

Further, modern browsers restrict console message length intelligently.

This option can still be useful for older browsers like Internet Explorer, or
in general to reduce visual clutter in the console.

Closes #14744
Closes #15707
Closes #16283
Closes #16299 
Closes #16591
2018-06-06 17:54:57 +02:00
Martin Staffa bf841d3512 feat(ngRef): add directive to publish controller, or element into scope
Thanks to @drpicox for the original implementation: PR #14080 

Closes #16511
2018-06-06 17:54:52 +02:00
Christian Oliff a1d88457de docs(.editorconfig): change link to use https 2018-06-06 17:54:40 +02:00
Jakub Freisler b011ae9544 docs(ngAnimate): add "animating between value changes" section
Add a section which covers use case when users need to animate upon
a variable's value changes (not between two states).

Refers #16561

Closes #16582
2018-06-05 23:24:52 +03:00
Georgii Dolzhykov 63fdee6b9c docs($httpBackend): headers param of expect* can be function
Closes #16588
2018-06-04 15:18:34 +03:00
Jakub Freisler 257ebbb514 docs(ngAnimate): refactor of ngAnimate docs
- Synced "animation aware" directives tables in API docs and "Animation"
  guide.
- Sorted tables alphabetically.
- Added info about `ngAnimateSwap` directive.

References #16561

Closes #16581
2018-06-02 11:49:37 +03:00
George Kalpakas 2b6c986736 fix(ngModel): do not throw if view value changes on destroyed scope
This could for example happen if updating the value is debounced (either
by asynchronously calling `$setViewValue()` or via `ngModelOptions`).

Fixes #16583

Closes #16585
2018-05-31 12:31:22 +03:00
Georgii Dolzhykov 2da4950406 refactor($compile): remove preAssignBindingsEnabled leftovers
Now that we don't need to support `preAssignBindingsEnabled` (removed in #15782),
complexity introduced in `$controller` by #7645 can be removed.

One difference with the previous implementation is that all non-ES2015-class controller instances
were available on the element before calling their constructors. Now it depends on the relative
order of controllers. Controller constructors shouldn't be used to access other controllers
(e.g. via `$element.controller(directiveName)`). The recommended way is to use the `require`
property of the directive definition object and the life cycle hooks `$onChanges` or `$onInit`.

See
https://docs.angularjs.org/api/ng/service/$compile#-require-
https://docs.angularjs.org/api/ng/service/$compile#life-cycle-hooks

Closes #16580
2018-05-30 23:05:29 +03:00
George Kalpakas 789db83a8a fix($compile): support transcluding multi-element directives
Previously, transcluding multi-element directives (e.g. `foo-start`/`foo-end`)
was not supported on elements with multi-slot transclusion (a `uterdir` error
was thrown).
This commit fixes it by putting the transcluded nodes into a DocumentFragment,
where they can be traversed via `.nextSibling`.

Fixes #15554
Closes #15555
2018-05-26 17:29:46 +02:00
Martin Staffa ce443792c4 docs(ngMockE2E): add docs for $httpBackend.matchLatestDefinitionEnabled()
Closes #16577
2018-05-26 17:29:43 +02:00
Martin Staffa dd47867bfb chore: try ios 11.2 2018-05-26 11:05:27 +02:00
George Kalpakas f2ebb82ba5 refactor(ngModelOptions): fix ng-closure-runner warning
Without this fix `grunt minall` emits the following warning:
> WARNING - Parse error. Non-JSDoc comment has annotations.
> Did you mean to start it with '/**'?

Closes #16575
2018-05-24 13:02:28 +03:00
Martin Staffa 12698755be chore: set ios 11 in saucelabs to 11.3 2018-05-24 00:02:17 +02:00
Martin Staffa f7d7954904 chore: add platform to ios saucelabs 2018-05-24 00:02:13 +02:00
107 changed files with 7847 additions and 10289 deletions
-509
View File
@@ -1,509 +0,0 @@
# Configuration file for https://circleci.com/gh/angular/angular.js
# Note: YAML anchors allow an object to be re-used, reducing duplication.
# The ampersand declares an alias for an object, then later the `<<: *name`
# syntax dereferences it.
# See http://blog.daemonl.com/2016/02/yaml.html
# To validate changes, use an online parser, eg.
# http://yaml-online-parser.appspot.com/
# CircleCI configuration version
# Version 2.1 allows for extra config reuse features
# https://circleci.com/docs/2.0/reusing-config/#getting-started-with-config-reuse
version: 2.1
# Workspace persisted by the `setup` job to share build artifacts with other jobs.
# https://circleci.com/docs/2.0/workflows/#using-workspaces-to-share-data-among-jobs
# https://circleci.com/blog/deep-diving-into-circleci-workspaces/
var_workspace_location: &workspace_location ~/
# Executor Definitions
# https://circleci.com/docs/2.0/reusing-config/#authoring-reusable-executors
# **NOTE 1**: Pin to exact images using an ID (SHA). See https://circleci.com/docs/2.0/circleci-images/#using-a-docker-image-id-to-pin-an-image-to-a-fixed-version.
# (Using the tag in not necessary when pinning by ID, but include it anyway for documentation purposes.)
executors:
default-executor:
parameters:
resource_class:
type: string
default: medium
docker:
- image: circleci/node:14.16.1@sha256:b094e85848b43209ca83d9bb114d406fe62c75cb73b18c9d8eb1a9c6462c97d4
resource_class: << parameters.resource_class >>
working_directory: ~/ng
cloud-sdk:
description: The docker container to use when running gcp-gcs commands
docker:
- image: google/cloud-sdk:alpine@sha256:7d0cae28cb282b76f2d9babe278c63c910d54f0cceca7a65fdf6806e2b43882e
working_directory: ~/ng
# Filter Definitions
# Filter to run a job on all branches and any `v1.X.Y(-Z)` tags.
# Since the jobs need to run on tagged builds too, a `tags` section has to be explicitly specified.
# (The `branches` section could be omitted, since it defaults to all branches - just being explicit
# here).
# See also https://circleci.com/docs/2.0/workflows/#executing-workflows-for-a-git-tag.
var-filter-run-always: &run-always
filters:
branches:
only: /.*/
tags:
only: /v1\.\d+\.\d.*/
# Filter to run a job when code might need to be deployed - i.e. on builds for the `master` branch.
# (Further checks are needed to determine whether a deployment is actually needed, but these are not
# possible via filters.)
var-filter-run-on-master: &run-on-master
filters:
branches:
only:
- master
tags:
ignore: /.*/
# Filter to run a job when code/docs might need to be deployed - i.e. on tagged builds and on builds
# for master and `v1.*.x` branches.
# (Further checks are needed to determine whether a deployment is actually needed, but these are not
# possible via filters.)
var-filter-run-on-tags-and-master-and-version-branches: &run-on-tags-and-master-and-version-branches
filters:
branches:
only:
- master
- /v1\.\d+\.x/
tags:
only: /v1\.\d+\.\d.*/
# Filter to run a job when docs might need to be deployed - i.e. on builds for `v1.*.x` branches,
# which might correspond to the stable branch.
# (Further checks are needed to determine whether a deployment is actually needed, but these are not
# possible via filters.)
var-filter-run-on-version-branches: &run-on-version-branches
filters:
branches:
only:
- /v1\.\d+\.x/
tags:
ignore: /.*/
# Command Definitions
# https://circleci.com/docs/2.0/reusing-config/#authoring-reusable-commands
commands:
skip_on_pr_and_fork_builds:
description: Skip a job on pull request and fork builds
steps:
- run:
name: Skip this job if this is a pull request or fork build
# Note: Using `CIRCLE_*` env variables (instead of those defined in `env.sh` so that this
# step can be run before `init_environment`.
command: >
if [[ -n "$CIRCLE_PR_NUMBER" ]] ||
[[ "$CIRCLE_PROJECT_USERNAME" != "angular" ]] ||
[[ "$CIRCLE_PROJECT_REPONAME" != "angular.js" ]]; then
echo "Skipping this job, because this is either a pull request or a fork build."
circleci step halt
fi
skip_unless_stable_branch:
description: Skip a job unless this is the stable branch
steps:
- run:
name: Skip this job unless this is the stable branch
command: >
if [[ "$DIST_TAG" != "latest" ]]; then
echo "Skipping deployment, because this is not the stable branch."
circleci step halt
fi
skip_unless_tag_or_master_or_stable_branch:
description: Skip a job unless this is a tag or the master or stable branch
steps:
- run:
name: Skip this job unless this is a tag or the master or stable branch
command: >
if [[ "$CI_GIT_TAG" == "false" ]] &&
[[ "$CI_BRANCH" != "master" ]] &&
[[ "$DIST_TAG" != "latest" ]]; then
echo "Skipping this job, because this is neither a tag nor the master or stable branch."
circleci step halt
fi
custom_attach_workspace:
description: Attach workspace at a predefined location
steps:
- attach_workspace:
at: *workspace_location
# Java is needed for running the Closure Compiler (during the `minall` task).
install_java:
description: Install java
steps:
- run:
name: Install java
command: |
sudo apt-get update
# Install java runtime
sudo apt-get install default-jre
# Initializes the CI environment by setting up common environment variables.
init_environment:
description: Initializing environment (setting up variables)
steps:
- run:
name: Set up environment
environment:
CIRCLE_GIT_BASE_REVISION: << pipeline.git.base_revision >>
CIRCLE_GIT_REVISION: << pipeline.git.revision >>
command: ./.circleci/env.sh
- run:
# Configure git as the CircleCI `checkout` command does.
# This is needed because we only checkout on the setup job.
# Add GitHub to known hosts
name: Configure git
command: |
mkdir -p ~/.ssh
echo 'github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==' >> ~/.ssh/known_hosts
git config --global url."ssh://git@github.com".insteadOf "https://github.com" || true
git config --global gc.auto 0 || true
init_saucelabs_environment:
description: Sets up a domain that resolves to the local host.
steps:
- run:
name: Preparing environment for running tests on Saucelabs.
command: |
# For SauceLabs jobs, we set up a domain which resolves to the machine which launched
# the tunnel. We do this because devices are sometimes not able to properly resolve
# `localhost` or `127.0.0.1` through the SauceLabs tunnel. Using a domain that does not
# resolve to anything on SauceLabs VMs ensures that such requests are always resolved
# through the tunnel, and resolve to the actual tunnel host machine (i.e. the CircleCI VM).
# More context can be found in: https://github.com/angular/angular/pull/35171.
setPublicVar SAUCE_LOCALHOST_ALIAS_DOMAIN "angular-ci.local"
setSecretVar SAUCE_ACCESS_KEY $(echo $SAUCE_ACCESS_KEY | rev)
- run:
# Sets up a local domain in the machine's host file that resolves to the local
# host. This domain is helpful in Saucelabs tests where devices are not able to
# properly resolve `localhost` or `127.0.0.1` through the sauce-connect tunnel.
name: Setting up alias domain for local host.
command: echo "127.0.0.1 $SAUCE_LOCALHOST_ALIAS_DOMAIN" | sudo tee -a /etc/hosts
start_saucelabs:
steps:
- run:
name: Starting Saucelabs tunnel service
command: ./lib/saucelabs/sauce-service.sh start-ready-wait
stop_saucelabs:
steps:
- run:
name: Stopping Saucelabs tunnel service
command: ./lib/saucelabs/sauce-service.sh stop
run_e2e_tests:
parameters:
specs:
type: string
steps:
- custom_attach_workspace
- init_environment
- init_saucelabs_environment
- start_saucelabs
- run:
command: yarn grunt test:circleci-protractor --specs="<< parameters.specs >>"
no_output_timeout: 30m
- stop_saucelabs
run_e2e_tests_jquery:
parameters:
specs:
type: string
steps:
- custom_attach_workspace
- init_environment
- init_saucelabs_environment
- start_saucelabs
- run:
environment:
USE_JQUERY: 1
command: yarn grunt test:circleci-protractor --specs="<< parameters.specs >>"
no_output_timeout: 30m
- stop_saucelabs
# Job definitions
# Jobs can include parameters that are passed in the workflow job invocation.
# https://circleci.com/docs/2.0/reusing-config/#authoring-parameterized-jobs
jobs:
setup:
executor: default-executor
steps:
- checkout
- init_environment
- install_java
- run:
name: Running Yarn install
command: yarn install --frozen-lockfile --non-interactive
# Yarn's requests sometimes take more than 10mins to complete.
no_output_timeout: 45m
- run: yarn grunt package
# Persist any changes at this point to be reused by further jobs.
# **NOTE**: To add new content to the workspace, always persist on the same root.
- persist_to_workspace:
root: *workspace_location
paths:
- ./ng
lint:
executor: default-executor
steps:
- custom_attach_workspace
- init_environment
- run: yarn grunt ci-checks
- run: yarn commitplease "$CI_COMMIT_RANGE"
- run: yarn grunt validate-angular-files
unit-test:
executor:
name: default-executor
steps:
- custom_attach_workspace
- init_environment
- install_java
- init_saucelabs_environment
- run: yarn grunt test:promises-aplus
- run:
command: yarn grunt test:jqlite --browsers="$BROWSERS" --reporters=spec
no_output_timeout: 10m
- run:
command: yarn grunt test:modules --browsers="$BROWSERS" --reporters=spec
no_output_timeout: 10m
- run:
command: yarn grunt test:docs --browsers="$BROWSERS" --reporters=spec
no_output_timeout: 10m
unit-test-jquery:
executor:
name: default-executor
steps:
- custom_attach_workspace
- init_environment
- init_saucelabs_environment
- run:
command: yarn grunt test:jquery --browsers="$BROWSERS" --reporters=spec
no_output_timeout: 10m
- run:
command: yarn grunt test:jquery-2.2 --browsers="$BROWSERS" --reporters=spec
no_output_timeout: 10m
- run:
command: yarn grunt test:jquery-2.1 --browsers="$BROWSERS" --reporters=spec
no_output_timeout: 10m
e2e-test-1:
executor:
name: default-executor
steps:
- run_e2e_tests:
specs: test/e2e/tests/**/*.js
e2e-test-2a:
executor:
name: default-executor
steps:
- run_e2e_tests:
specs: build/docs/ptore2e/example-ng*/**/default_test.js
e2e-test-2b:
executor:
name: default-executor
steps:
- run_e2e_tests:
specs: "build/docs/ptore2e/!(example-ng*)/**/default_test.js"
e2e-test-jquery-1:
executor:
name: default-executor
steps:
- run_e2e_tests_jquery:
specs: test/e2e/tests/**/*.js
e2e-test-jquery-2a:
executor:
name: default-executor
steps:
- run_e2e_tests_jquery:
specs: build/docs/ptore2e/example-ng*/**/jquery_test.js
e2e-test-jquery-2b:
executor:
name: default-executor
steps:
- run_e2e_tests_jquery:
specs: build/docs/ptore2e/!(example-ng*)/**/jquery_test.js
prepare-deployment:
executor:
name: default-executor
steps:
- skip_on_pr_and_fork_builds
- custom_attach_workspace
- init_environment
- run: yarn grunt prepareDeploy
# Write the deployment files to the workspace to be used by deploy-docs and deploy-code
- persist_to_workspace:
root: *workspace_location
paths:
- ./ng
# The `deploy-code-files` job should only run when all of these conditions are true for the build:
# - It is for the `angular/angular.js` repository (not a fork).
# - It is not for a pull request.
# - It is for a tag or the master branch or the stable branch(*).
#
# *: The stable branch is the one that has the value `latest` in `package.json > distTag`.
deploy-code-files:
executor:
name: cloud-sdk
steps:
- skip_on_pr_and_fork_builds
- custom_attach_workspace
- init_environment
- skip_unless_tag_or_master_or_stable_branch
- run: ls scripts/code.angularjs.org-firebase/deploy
- run:
name: Authenticate and configure Docker
command: |
echo $GCLOUD_SERVICE_KEY | gcloud auth activate-service-account --key-file=-
gcloud --quiet config set project ${GOOGLE_PROJECT_ID}
- run:
name: Sync files to code.angularjs.org
command: |
gsutil -m rsync -r scripts/code.angularjs.org-firebase/deploy gs://code-angularjs-org-338b8.appspot.com
# The `deploy-code-firebase` job should only run when all of these conditions are true for the build:
# - It is for the `angular/angular.js` repository (not a fork).
# - It is not for a pull request.
# - It is for the master branch.
# (This is enforced via job filters, so we don't need to a step to check it here.)
deploy-code-firebase:
executor:
name: default-executor
steps:
- skip_on_pr_and_fork_builds
- custom_attach_workspace
- init_environment
# Install dependencies for Firebase functions to prevent parsing errors during deployment.
# See https://github.com/angular/angular.js/pull/16453.
- run:
name: Install dependencies in `scripts/code.angularjs.org-firebase/functions/`.
working_directory: scripts/code.angularjs.org-firebase/functions
command: yarn install --frozen-lockfile --ignore-engines --non-interactive
- run:
name: Deploy to Firebase from `scripts/code.angularjs.org-firebase/`.
working_directory: scripts/code.angularjs.org-firebase
command: |
# Do not use `yarn firebase` as that causes the Firebase CLI to look for `firebase.json`
# in the root directory, even if run from inside `scripts/code.angularjs.org-firebase/`.
firebase=$(yarn bin)/firebase
$firebase use
$firebase deploy --message "Commit:\ $CI_COMMIT" --non-interactive --token "$FIREBASE_TOKEN"
# The `deploy-docs` job should only run when all of these conditions are true for the build:
# - It is for the `angular/angular.js` repository (not a fork).
# - It is not for a pull request.
# - It is for the stable branch(*).
#
# *: The stable branch is the one that has the value `latest` in `package.json > distTag`.
deploy-docs:
executor:
name: default-executor
steps:
- skip_on_pr_and_fork_builds
- custom_attach_workspace
- init_environment
- skip_unless_stable_branch
# Install dependencies for Firebase functions to prevent parsing errors during deployment.
# See https://github.com/angular/angular.js/pull/16453.
- run:
name: Install dependencies in `scripts/docs.angularjs.org-firebase/functions/`.
working_directory: scripts/docs.angularjs.org-firebase/functions
command: yarn install --frozen-lockfile --ignore-engines --non-interactive
- run:
name: Deploy to Firebase from `scripts/docs.angularjs.org-firebase/`.
working_directory: scripts/docs.angularjs.org-firebase
command: |
# Do not use `yarn firebase` as that causes the Firebase CLI to look for `firebase.json`
# in the root directory, even if run from inside `scripts/docs.angularjs.org-firebase/`.
firebase=$(yarn bin)/firebase
$firebase use
$firebase deploy --message "Commit:\ $CI_COMMIT" --non-interactive --token "$FIREBASE_TOKEN"
workflows:
version: 2
default_workflow:
jobs:
- setup:
<<: *run-always
- lint:
<<: *run-always
requires:
- setup
- unit-test:
<<: *run-always
requires:
- setup
- unit-test-jquery:
<<: *run-always
requires:
- setup
- e2e-test-1:
<<: *run-always
requires:
- setup
- e2e-test-2a:
<<: *run-always
requires:
- setup
- e2e-test-2b:
<<: *run-always
requires:
- setup
- e2e-test-jquery-1:
<<: *run-always
requires:
- setup
- e2e-test-jquery-2a:
<<: *run-always
requires:
- setup
- e2e-test-jquery-2b:
<<: *run-always
requires:
- setup
- prepare-deployment:
<<: *run-on-tags-and-master-and-version-branches
requires:
- setup
- lint
- unit-test
- unit-test-jquery
- e2e-test-1
- e2e-test-2a
- e2e-test-2b
- e2e-test-jquery-1
- e2e-test-jquery-2a
- e2e-test-jquery-2b
- deploy-code-files:
<<: *run-on-tags-and-master-and-version-branches
requires:
- prepare-deployment
- deploy-code-firebase:
<<: *run-on-master
requires:
- prepare-deployment
- deploy-docs:
<<: *run-on-version-branches
requires:
- prepare-deployment
-73
View File
@@ -1,73 +0,0 @@
####################################################################################################
# Helpers for defining environment variables for CircleCI.
#
# In CircleCI, each step runs in a new shell. The way to share ENV variables across steps is to
# export them from `$BASH_ENV`, which is automatically sourced at the beginning of every step (for
# the default `bash` shell).
#
# See also https://circleci.com/docs/2.0/env-vars/#using-bash_env-to-set-environment-variables.
####################################################################################################
# Set and print an environment variable.
#
# Use this function for setting environment variables that are public, i.e. it is OK for them to be
# visible to anyone through the CI logs.
#
# Usage: `setPublicVar <name> <value>`
function setPublicVar() {
setSecretVar $1 "$2";
echo "$1=$2";
}
# Set (without printing) an environment variable.
#
# Use this function for setting environment variables that are secret, i.e. should not be visible to
# everyone through the CI logs.
#
# Usage: `setSecretVar <name> <value>`
function setSecretVar() {
# WARNING: Secrets (e.g. passwords, access tokens) should NOT be printed.
# (Keep original shell options to restore at the end.)
local -r originalShellOptions=$(set +o);
set +x -eu -o pipefail;
echo "export $1=\"${2:-}\";" >> $BASH_ENV;
# Restore original shell options.
eval "$originalShellOptions";
}
# Create a function to set an environment variable, when called.
#
# Use this function for creating setter for public environment variables that require expensive or
# time-consuming computaions and may not be needed. When needed, you can call this function to set
# the environment variable (which will be available through `$BASH_ENV` from that point onwards).
#
# Arguments:
# - `<name>`: The name of the environment variable. The generated setter function will be
# `setPublicVar_<name>`.
# - `<code>`: The code to run to compute the value for the variable. Since this code should be
# executed lazily, it must be properly escaped. For example:
# ```sh
# # DO NOT do this:
# createPublicVarSetter MY_VAR "$(whoami)"; # `whoami` will be evaluated eagerly
#
# # DO this isntead:
# createPublicVarSetter MY_VAR "\$(whoami)"; # `whoami` will NOT be evaluated eagerly
# ```
#
# Usage: `createPublicVarSetter <name> <code>`
#
# Example:
# ```sh
# createPublicVarSetter MY_VAR 'echo "FOO"';
# echo $MY_VAR; # Not defined
#
# setPublicVar_MY_VAR;
# source $BASH_ENV;
# echo $MY_VAR; # FOO
# ```
function createPublicVarSetter() {
echo "setPublicVar_$1() { setPublicVar $1 \"$2\"; }" >> $BASH_ENV;
}
-69
View File
@@ -1,69 +0,0 @@
#!/usr/bin/env bash
# Variables
readonly projectDir=$(realpath "$(dirname ${BASH_SOURCE[0]})/..")
readonly envHelpersPath="$projectDir/.circleci/env-helpers.inc.sh";
# Load helpers and make them available everywhere (through `$BASH_ENV`).
source $envHelpersPath;
echo "source $envHelpersPath;" >> $BASH_ENV;
####################################################################################################
# Define PUBLIC environment variables for CircleCI.
####################################################################################################
# See https://circleci.com/docs/2.0/env-vars/#built-in-environment-variables for more info.
####################################################################################################
setPublicVar CI "$CI"
setPublicVar PROJECT_ROOT "$projectDir";
# This is the branch being built; e.g. `pull/12345` for PR builds.
setPublicVar CI_BRANCH "$CIRCLE_BRANCH";
setPublicVar CI_BUILD_URL "$CIRCLE_BUILD_URL";
setPublicVar CI_COMMIT "$CIRCLE_SHA1";
setPublicVar CI_GIT_BASE_REVISION "${CIRCLE_GIT_BASE_REVISION}";
setPublicVar CI_GIT_REVISION "${CIRCLE_GIT_REVISION}";
setPublicVar CI_GIT_TAG "${CIRCLE_TAG:-false}";
setPublicVar CI_COMMIT_RANGE "$CIRCLE_GIT_BASE_REVISION..$CIRCLE_GIT_REVISION";
setPublicVar CI_PULL_REQUEST "${CIRCLE_PR_NUMBER:-false}";
setPublicVar CI_REPO_NAME "$CIRCLE_PROJECT_REPONAME";
setPublicVar CI_REPO_OWNER "$CIRCLE_PROJECT_USERNAME";
setPublicVar CI_PR_REPONAME "$CIRCLE_PR_REPONAME";
setPublicVar CI_PR_USERNAME "$CIRCLE_PR_USERNAME";
####################################################################################################
# Define SauceLabs environment variables for CircleCI.
####################################################################################################
setPublicVar BROWSER_PROVIDER "saucelabs"
# The currently latest-1 version of desktop Safari on Saucelabs (v12.0) is unstable and disconnects
# consistently. The latest version (v12.1) works fine.
# TODO: Add `SL_Safari-1` back, once it no longer corresponds to v12.0.
setPublicVar BROWSERS "SL_Chrome,SL_Chrome-1,\
SL_Firefox,SL_Firefox-1,\
SL_Safari,\
SL_iOS,SL_iOS-1,\
SL_IE_9,SL_IE_10,SL_IE_11,\
SL_EDGE,SL_EDGE-1"
setPublicVar SAUCE_LOG_FILE /tmp/angular/sauce-connect.log
setPublicVar SAUCE_READY_FILE /tmp/angular/sauce-connect-ready-file.lock
setPublicVar SAUCE_PID_FILE /tmp/angular/sauce-connect-pid-file.lock
setPublicVar SAUCE_TUNNEL_IDENTIFIER "angularjs-framework-${CIRCLE_BUILD_NUM}-${CIRCLE_NODE_INDEX}"
# Amount of seconds we wait for sauceconnect to establish a tunnel instance. In order to not
# acquire CircleCI instances for too long if sauceconnect failed, we need a connect timeout.
setPublicVar SAUCE_READY_FILE_TIMEOUT 120
####################################################################################################
# Define additional environment variables
####################################################################################################
# NOTE: Make sure the tools used to compute this are available in all executors in `config.yml`.
setPublicVar DIST_TAG $( cat package.json | grep distTag | sed -E 's/^\s*"distTag"\s*:\s*"([^"]+)"\s*,\s*$/\1/' )
####################################################################################################
####################################################################################################
## Source `$BASH_ENV` to make the variables available immediately. ##
## *** NOTE: This must remain the last command in this script. *** ##
####################################################################################################
####################################################################################################
source $BASH_ENV;
+1 -1
View File
@@ -15,7 +15,7 @@
// Stylistic issues
"block-spacing": ["error", "always"],
"comma-spacing": "error",
"id-denylist": ["error", "event"],
"id-blacklist": ["error", "event"],
"indent": ["error", 2],
"key-spacing": ["error", { "beforeColon": false, "afterColon": true, "mode": "minimum" }],
"object-curly-spacing": ["error", "never"],
+1 -1
View File
@@ -31,7 +31,7 @@ please provide the *STEPS TO REPRODUCE* and if possible a *MINIMAL DEMO* of the
https://plnkr.co or similar (you can use this template as a starting point: http://plnkr.co/edit/tpl:yBpEi4).
-->
**AngularJS version:** 1.8.x
**AngularJS version:** 1.7.x
<!-- Check whether this is still an issue in the most recent stable or in the snapshot AngularJS
version (https://code.angularjs.org/snapshot/) -->
+1 -3
View File
@@ -1,4 +1,5 @@
/build/
/deploy/
/benchpress-build/
.DS_Store
gen_docs.disable
@@ -22,6 +23,3 @@ npm-debug.log
.vscode
*.log
*.stackdump
scripts/code.angularjs.org-firebase/deploy
scripts/docs.angularjs.org-firebase/deploy
scripts/docs.angularjs.org-firebase/functions/content
+1 -1
View File
@@ -1 +1 @@
14.16.1
8
+104
View File
@@ -0,0 +1,104 @@
language: node_js
sudo: false
node_js:
- '8'
cache:
yarn: true
branches:
except:
- "/^g3_.*$/"
env:
matrix:
- JOB=ci-checks
- JOB=unit-core BROWSER_PROVIDER=saucelabs
- JOB=unit-jquery BROWSER_PROVIDER=saucelabs
- JOB=unit-modules BROWSER_PROVIDER=saucelabs
- JOB=docs-app BROWSER_PROVIDER=saucelabs
- JOB=e2e TEST_TARGET=jqlite BROWSER_PROVIDER=saucelabs
- JOB=e2e TEST_TARGET=jquery BROWSER_PROVIDER=saucelabs
global:
- SAUCE_USERNAME=angular-ci
- SAUCE_ACCESS_KEY=9b988f434ff8-fbca-8aa4-4ae3-35442987
- LOGS_DIR=/tmp/angular-build/logs
- BROWSER_PROVIDER_READY_FILE=/tmp/browsersprovider-tunnel-ready
- secure: oTBjhnOKhs0qDSKTf7fE4f6DYiNDPycvB7qfSF5QRIbJK/LK/J4UtFwetXuXj79HhUZG9qnoT+5e7lPaiaMlpsIKn9ann7ffqFWN1E8TMtpJF+AGigx3djYElwfgf5nEnFUFhwjFzvbfpZNnxVGgX5YbIZpe/WUbHkP4ffU0Wks=
before_install:
- curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version 1.10.1
- export PATH="$HOME/.yarn/bin:$PATH"
before_script:
- du -sh ./node_modules || true
- "./scripts/travis/before_build.sh"
script:
- "./scripts/travis/build.sh"
after_script:
- "./scripts/travis/tear_down_browser_provider.sh"
- "./scripts/travis/print_logs.sh"
notifications:
webhooks:
urls:
- https://webhooks.gitter.im/e/d2120f3f2bb39a4531b2
- http://104.197.9.155:8484/hubot/travis/activity #hubot-server
on_success: always # options: [always|never|change] default: always
on_failure: always # options: [always|never|change] default: always
on_start: always # default: false
jobs:
include:
- stage: deploy
# Don't deploy from PRs. Only deploy from our default branches, or if commit is tagged.
# This is a Travis-specific boolean language: https://docs.travis-ci.com/user/conditional-builds-stages-jobs#Specifying-conditions
# The deployment logic for pushed branches is further defined in scripts\travis\build.sh
if: type != pull_request and (branch =~ ^(v1\.\d+\.x|master)$ or tag IS present)
env:
- JOB=deploy
before_script: skip
script:
# Export the variables into the current process
- . ./scripts/travis/build.sh
- "echo DEPLOY_DOCS: $DEPLOY_DOCS, DEPLOY_CODE: $DEPLOY_CODE"
after_script: skip
# Work around the 10min Travis timeout so the code.angularjs firebase+gcs code deploy can complete
# Only run the keep_alive once (before_deploy is run for each provider)
before_deploy: |
if ! [ "$BEFORE_DEPLOY_RUN" ]; then
export BEFORE_DEPLOY_RUN=1;
function keep_alive() {
while true; do
echo -en "\a"
sleep 10
done
}
keep_alive &
fi
deploy:
- provider: firebase
# the upload folder for firebase is configured in /firebase.json
skip_cleanup: true
project: docs-angularjs-org-9p2
token:
secure: $FIREBASE_TOKEN
on:
repo: angular/angular.js
all_branches: true
condition: "$DEPLOY_DOCS == true"
- provider: gcs
skip_cleanup: true
access_key_id: GOOGLDB7W2J3LFHICF3R
secret_access_key:
secure: tHIFdSq55qkyZf9zT/3+VkhUrTvOTMuswxXU3KyWaBrSieZqG0UnUDyNm+n3lSfX95zEl/+rJAWbfvhVSxZi13ndOtvRF+MdI1cvow2JynP0aDSiPffEvVrZOmihD6mt2SlMfhskr5FTduQ69kZG6DfLcve1PPDaIwnbOv3phb8=
bucket: code-angularjs-org-338b8.appspot.com
local-dir: deploy/code
detect_encoding: true # detects gzip compression
on:
repo: angular/angular.js
all_branches: true
condition: "$DEPLOY_CODE == true"
-86
View File
@@ -1,89 +1,3 @@
**AngularJS support has officially ended as of January 2022.
[See what ending support means](https://docs.angularjs.org/misc/version-support-status)
and [read the end of life announcement](https://goo.gle/angularjs-end-of-life).**
**Visit [angular.io](https://angular.io) for the actively supported Angular.**
<a name="1.8.3"></a>
# 1.8.3 ultimate-farewell (2022-04-07)
One final release of AngularJS in order to update package README files on npm.
<a name="1.8.2"></a>
# 1.8.2 meteoric-mining (2020-10-21)
## Bug Fixes
- **$sceDelegate:** ensure that `resourceUrlWhitelist()` is identical to `trustedResourceUrlList()`
([e41f01](https://github.com/angular/angular.js/commit/e41f018959934bfbf982ba996cd654b1fce88d43),
[#17090](https://github.com/angular/angular.js/issues/17090))
<a name="1.8.1"></a>
# 1.8.1 mutually-supporting (2020-09-30)
## Bug Fixes
- **$sanitize:** do not trigger CSP alert/report in Firefox and Chrome
([2fab3d](https://github.com/angular/angular.js/commit/2fab3d4e00f4fe35bfa3cf255160cb97404baf24))
## Refactorings
- **SanitizeUriProvider:** remove usages of whitelist
([76738102](https://github.com/angular/angular.js/commit/767381020d88bda2855ac87ca6f00748907e14ff))
- **httpProvider:** remove usages of whitelist and blacklist
([c953af6b](https://github.com/angular/angular.js/commit/c953af6b8cfeefe4acc0ca358550eed5da8cfe00))
- **sceDelegateProvider:** remove usages of whitelist and blacklist
([a206e267](https://github.com/angular/angular.js/commit/a206e2675c351c3cdcde3402978126774c1c5df9))
## Deprecation Notices
- Deprecated ~~`$compileProvider.aHrefSanitizationWhitelist`~~.
It is now [`aHrefSanitizationTrustedUrlList`](https://docs.angularjs.org/api/ng/provider/$compileProvider#aHrefSanitizationTrustedUrlList).
- Deprecated ~~`$compileProvider.imgSrcSanitizationWhitelist`~~.
It is now [`imgSrcSanitizationTrustedUrlList`](https://docs.angularjs.org/api/ng/provider/$compileProvider#imgSrcSanitizationTrustedUrlList).
- Deprecated ~~`$httpProvider.xsrfWhitelistedOrigins`~~.
It is now [`xsrfTrustedOrigins`](https://docs.angularjs.org/api/ng/provider/$httpProvider#xsrfTrustedOrigins).
- Deprecated ~~`$sceDelegateProvider.resourceUrlWhitelist`~~.
It is now [`trustedResourceUrlList`](https://docs.angularjs.org/api/ng/provider/$sceDelegateProvider#trustedResourceUrlList).
- Deprecated ~~`$sceDelegateProvider.resourceUrlBlacklist`~~.
It is now [`bannedResourceUrlList`](https://docs.angularjs.org/api/ng/provider/$sceDelegateProvider#bannedResourceUrlList).
For the purposes of backward compatibility, the previous symbols are aliased to their new symbol.
<a name="1.8.0"></a>
# 1.8.0 nested-vaccination (2020-06-01)
_This release contains a breaking change to resolve a security issue which was discovered by
Krzysztof Kotowicz(@koto); and independently by Esben Sparre Andreasen (@esbena) while
performing a Variant Analysis of [CVE-2020-11022](https://github.com/advisories/GHSA-gxr4-xjj5-5px2)
which itself was found and reported by Masato Kinugawa (@masatokinugawa)._
## Bug Fixes
- **jqLite:**
- prevent possible XSS due to regex-based HTML replacement
([2df43c](https://github.com/angular/angular.js/commit/2df43c07779137d1bddf7f3b282a1287a8634acd))
## Breaking Changes
### **jqLite** due to:
- **[2df43c](https://github.com/angular/angular.js/commit/2df43c07779137d1bddf7f3b282a1287a8634acd)**: prevent possible XSS due to regex-based HTML replacement
JqLite no longer turns XHTML-like strings like `<div /><span />` to sibling elements `<div></div><span></span>`
when not in XHTML mode. Instead it will leave them as-is. The browser, in non-XHTML mode, will convert these to:
`<div><span></span></div>`.
This is a security fix to avoid an XSS vulnerability if a new jqLite element is created from a user-controlled HTML string.
If you must have this functionality and understand the risk involved then it is posible to restore the original behavior by calling
```js
angular.UNSAFE_restoreLegacyJqLiteXHTMLReplacement();
```
But you should adjust your code for this change and remove your use of this function as soon as possible.
Note that this only patches jqLite. If you use jQuery 3.5.0 or newer, please read the [jQuery 3.5 upgrade guide](https://jquery.com/upgrade-guide/3.5/) for more details about the workarounds.
<a name="1.7.9"></a>
# 1.7.9 pollution-eradication (2019-11-19)
+4 -4
View File
@@ -125,8 +125,8 @@ Before you submit your pull request consider the following guidelines:
* Follow our [Coding Rules][developers.rules].
* If the changes affect public APIs, change or add relevant [documentation][developers.documentation].
* Run the AngularJS [unit][developers.tests-unit] and [E2E test][developers.tests-e2e] suites, and ensure that all tests
pass. It is generally sufficient to run the tests only on Chrome, as our continuous integration test will
run the tests on additional browsers.
pass. It is generally sufficient to run the tests only on Chrome, as our Travis integration will
run the tests on all supported browsers.
* Run `yarn grunt eslint` to check that you have followed the automatically enforced coding rules
* Commit your changes using a descriptive commit message that follows our
[commit message conventions][developers.commits]. Adherence to the
@@ -151,9 +151,9 @@ Before you submit your pull request consider the following guidelines:
```
* In GitHub, send a pull request to `angular.js:master`. This will trigger the check of the
[Contributor License Agreement](#cla) and the continuous integration tests.
[Contributor License Agreement](#cla) and the Travis integration.
* If you find that the continuous integration tests have failed, look into the logs to find out
* If you find that the Travis integration has failed, look into the logs on Travis to find out
if your changes caused test failures, the commit message was malformed etc. If you find that the
tests failed or times out for unrelated reasons, you can ping a team member so that the build can be
restarted.
+1 -1
View File
@@ -428,7 +428,7 @@ if it is enclosed in &lt;pre&gt;...&lt;/pre&gt; tags and the code lines themselv
It is possible to embed examples in the documentation along with appropriate e2e tests. These
examples and scenarios will be converted to runnable code within the documentation. So it is
important that they work correctly. To ensure this, all these e2e scenarios are run as part of the
continuous integration tests.
automated Travis tests.
If you are adding an example with an e2e test, you should [run the test locally](#e2e-tests) first
to ensure it passes. You can change `it(...)` to `fit(...)` to run only your test,
+39 -18
View File
@@ -14,8 +14,7 @@ var semver = require('semver');
var exec = require('shelljs').exec;
var pkg = require(__dirname + '/package.json');
var codeScriptFolder = util.codeScriptFolder;
var docsScriptFolder = util.docsScriptFolder;
var docsScriptFolder = 'scripts/docs.angularjs.org-firebase';
// Node.js version checks
if (!semver.satisfies(process.version, pkg.engines.node)) {
@@ -46,7 +45,7 @@ if (!match) {
}
// Ensure Node.js dependencies have been installed
if (!process.env.CI) {
if (!process.env.TRAVIS && !process.env.JENKINS_HOME) {
var yarnOutput = exec('yarn install');
if (yarnOutput.code !== 0) {
throw new Error('Yarn install failed: ' + yarnOutput.stderr);
@@ -110,14 +109,16 @@ module.exports = function(grunt) {
},
testserver: {
options: {
// We start the webserver as a separate process from the E2E tests
// We use end2end task (which does not start the webserver)
// and start the webserver as a separate process (in travis_build.sh)
// to avoid https://github.com/joyent/libuv/issues/826
port: 8000,
hostname: '0.0.0.0',
middleware: function(connect, options) {
var base = Array.isArray(options.base) ? options.base[options.base.length - 1] : options.base;
return [
function(req, resp, next) {
// cache GET requests to speed up tests
// cache get requests to speed up tests on travis
if (req.method === 'GET') {
resp.setHeader('Cache-control', 'public, max-age=3600');
}
@@ -159,7 +160,8 @@ module.exports = function(grunt) {
protractor: {
normal: 'protractor-conf.js',
circleci: 'protractor-circleci-conf.js'
travis: 'protractor-travis-conf.js',
jenkins: 'protractor-jenkins-conf.js'
},
@@ -167,9 +169,9 @@ module.exports = function(grunt) {
build: ['build'],
tmp: ['tmp'],
deploy: [
codeScriptFolder + '/deploy',
docsScriptFolder + '/deploy',
docsScriptFolder + '/functions/content'
'deploy/docs',
'deploy/code',
docsScriptFolder + '/functions/html'
]
},
@@ -370,10 +372,11 @@ module.exports = function(grunt) {
},
deployFirebaseCode: {
files: [
// copy files that are not handled by compress
{
cwd: 'build',
src: '**',
dest: codeScriptFolder + '/deploy/' + deployVersion + '/',
src: '**/*.{zip,jpg,jpeg,png}',
dest: 'deploy/code/' + deployVersion + '/',
expand: true
}
]
@@ -383,19 +386,19 @@ module.exports = function(grunt) {
// The source files are needed by the embedded examples in the docs app.
{
src: ['build/angular*.{js,js.map,min.js}', 'build/sitemap.xml'],
dest: docsScriptFolder + '/deploy/',
dest: 'deploy/docs/',
expand: true,
flatten: true
},
{
cwd: 'build/docs',
src: ['**', '!ptore2e/**', '!index*.html'],
dest: docsScriptFolder + '/deploy/',
dest: 'deploy/docs/',
expand: true
},
{
src: 'build/docs/index-production.html',
dest: docsScriptFolder + '/deploy/index.html'
dest: 'deploy/docs/index.html'
},
{
src: 'build/docs/index-production.html',
@@ -404,7 +407,7 @@ module.exports = function(grunt) {
{
cwd: 'build/docs',
src: 'partials/**',
dest: docsScriptFolder + '/functions/content/',
dest: docsScriptFolder + '/functions/content',
expand: true
}
]
@@ -420,6 +423,16 @@ module.exports = function(grunt) {
expand: true,
dot: true,
dest: dist + '/'
},
deployFirebaseCode: {
options: {
mode: 'gzip'
},
// Already compressed files should not be compressed again
src: ['**', '!**/*.{zip,png,jpeg,jpg}'],
cwd: 'build',
expand: true,
dest: 'deploy/code/' + deployVersion + '/'
}
},
@@ -485,9 +498,14 @@ module.exports = function(grunt) {
'connect:testserver',
'protractor:normal'
]);
grunt.registerTask('test:circleci-protractor', 'Run the end to end tests with Protractor for CircleCI builds', [
grunt.registerTask('test:travis-protractor', 'Run the end to end tests with Protractor for Travis CI builds', [
'connect:testserver',
'protractor:circleci'
'protractor:travis'
]);
grunt.registerTask('test:ci-protractor', 'Run the end to end tests with Protractor for Jenkins CI builds', [
'webdriver',
'connect:testserver',
'protractor:jenkins'
]);
grunt.registerTask('test:e2e', 'Alias for test:protractor', ['test:protractor']);
grunt.registerTask('test:promises-aplus',[
@@ -517,7 +535,10 @@ module.exports = function(grunt) {
'eslint'
]);
grunt.registerTask('prepareDeploy', [
'package',
'compress:deployFirebaseCode',
'copy:deployFirebaseCode',
'firebaseDocsJsonForTravis',
'copy:deployFirebaseDocs'
]);
grunt.registerTask('default', ['package']);
@@ -525,7 +546,7 @@ module.exports = function(grunt) {
function reportOrFail(message) {
if (process.env.CI) {
if (process.env.TRAVIS || process.env.JENKINS_HOME) {
throw new Error(message);
} else {
console.log('===============================================================================');
+1 -1
View File
@@ -1,6 +1,6 @@
The MIT License
Copyright (c) 2010-2020 Google LLC. http://angularjs.org
Copyright (c) 2010-2020 Google, Inc. http://angularjs.org
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
+8 -11
View File
@@ -1,4 +1,4 @@
AngularJS [![CircleCI](https://circleci.com/gh/angular/angular.js/tree/master.svg?style=shield)](https://circleci.com/gh/angular/workflows/angular.js/tree/master)
AngularJS [![Build Status](https://travis-ci.org/angular/angular.js.svg?branch=master)](https://travis-ci.org/angular/angular.js)
=========
AngularJS lets you write client-side web applications as if you had a smarter browser. It lets you
@@ -14,11 +14,9 @@ piece of cake. Best of all? It makes development fun!
--------------------
**AngularJS support has officially ended as of January 2022.
[See what ending support means](https://docs.angularjs.org/misc/version-support-status)
and [read the end of life announcement](https://goo.gle/angularjs-end-of-life).**
**On July 1, 2018 AngularJS entered a 3 year Long Term Support period:** [Find out more](https://docs.angularjs.org/misc/version-support-status)
**Visit [angular.io](https://angular.io) for the actively supported Angular.**
**Looking for the new Angular? Go here:** https://github.com/angular/angular
--------------------
@@ -57,12 +55,11 @@ component in an interconnected way like a well-oiled machine. AngularJS is JavaS
and done right. (Well it is not really MVC, read on, to understand what this means.)
#### MVC, no, MV* done the right way!
[MVC](https://en.wikipedia.org/wiki/Model%E2%80%93view%E2%80%93controller), short for
Model-View-Controller, is a design pattern, i.e. how the code should be organized and how the
different parts of an application separated for proper readability and debugging. Model is the data
and the database. View is the user interface and what the user sees. Controller is the main link
between Model and View. These are the three pillars of major programming frameworks present on the
market today. On the other hand AngularJS works on MV*, short for Model-View-_Whatever_. The
MVC, short for Model-View-Controller, is a design pattern, i.e. how the code should be organized and
how the different parts of an application separated for proper readability and debugging. Model is
the data and the database. View is the user interface and what the user sees. Controller is the main
link between Model and View. These are the three pillars of major programming frameworks present on
the market today. On the other hand AngularJS works on MV*, short for Model-View-_Whatever_. The
_Whatever_ is AngularJS's way of telling that you may create any kind of linking between the Model
and the View here.
+4 -4
View File
@@ -36,7 +36,7 @@ Usually this will be the commit containing the release notes, but it may also be
## Run "release" script
```bash
scripts/release/release.sh --git-push-dryrun=false --commit-sha=8822a4f --version-number=1.7.6 --version-name=gravity-manipulation
scripts/jenkins/release.sh --git-push-dryrun=false --commit-sha=8822a4f --version-number=1.7.6 --version-name=gravity-manipulation
```
1) The SHA is of the commit to release (could be in the past).
@@ -67,10 +67,10 @@ If we want to make our files available, we need submit our CLs before this time
This is the version used to compute what version to link to in the CDN. If you update this too early then the CDN lookup fails and you end up with 'null, for the version, which breaks the docs.
## Verify angularjs.org download modal has latest version (updates via CI job)
## Verify angularjs.org download modal has latest version (updates via Travis job)
The versions in the modal are updated (based on the versions available on CDN) as part of the CI deploy stage.
(You may need to explicitly trigger the CI job. e.g. re-running the last `deploy` job.)
The versions in the modal are updated (based on the versions available on CDN) as part of the Travis deploy stage: https://github.com/angular/angularjs.org/blob/a4d25c5abcd39e8ce19d31cb1c78073d13c4c974/.travis.yml#L26
(You may need to explicitly trigger the Travis job. e.g. re-running the last job.)
## Announce the release (via official Google accounts)
-16
View File
@@ -1,16 +0,0 @@
# Security Policy
## Supported Versions
**AngularJS support has officially ended as of January 2022.**
[See what ending support means](https://docs.angularjs.org/misc/version-support-status)
and [read the end of life announcement](https://goo.gle/angularjs-end-of-life).
Visit [angular.io](https://angular.io) for the actively supported Angular.
| Version | Supported | Status | Comments |
| ----------- | ------------------ | --------------------- | ------------------------------------ |
| 1.8.x | :x: | All support ended | |
| 1.3.x-1.7.x | :x: | All support ended | |
| 1.2.x | :x: | All support ended | Last version to provide IE 8 support |
| <1.2.0 | :x: | All support ended | |
+3 -3
View File
@@ -478,10 +478,10 @@ iframe.example {
#navbar-sub {
padding-top: 10px;
padding-bottom: 5px;
background: rgba(245,245,245,1);
background: rgba(245,245,245,0.88);
box-shadow: 0 0 2px #999;
z-index: 1028;
top: 57px;
top: 83px;
}
.main-body-grid {
@@ -982,7 +982,7 @@ toc-container > div > toc-tree > ul > li > toc-tree > ul > li toc-tree > ul li {
#navbar-sub {
position: relative;
top: 0;
top: 17px;
margin-top: 80px;
padding-bottom: 0;
margin-bottom: 0;
+2 -2
View File
@@ -55,7 +55,7 @@ angular.module('examples', [])
return function(url, newWindow, fields) {
/**
* If the form posts to target="_blank", pop-up blockers can cause it not to work.
* If a user chooses to bypass pop-up blocker one time and click the link, they will arrive at
* If a user choses to bypass pop-up blocker one time and click the link, they will arrive at
* a new default plnkr, not a plnkr with the desired template. Given this undesired behavior,
* some may still want to open the plnk in a new window by opting-in via ctrl+click. The
* newWindow param allows for this possibility.
@@ -74,7 +74,7 @@ angular.module('examples', [])
}])
.factory('createCopyrightNotice', function() {
var COPYRIGHT = 'Copyright ' + (new Date()).getFullYear() + ' Google LLC. All Rights Reserved.\n'
var COPYRIGHT = 'Copyright ' + (new Date()).getFullYear() + ' Google Inc. All Rights Reserved.\n'
+ 'Use of this source code is governed by an MIT-style license that\n'
+ 'can be found in the LICENSE file at http://angular.io/license';
var COPYRIGHT_JS_CSS = '\n\n/*\n' + COPYRIGHT + '\n*/';
+4 -4
View File
@@ -47,13 +47,13 @@ module.exports = function generateKeywordsProcessor(log, readFilesProcessor) {
}
areasToSearch = _.keyBy(this.areasToSearch);
propertiesToIgnore = _.keyBy(this.propertiesToIgnore);
areasToSearch = _.indexBy(this.areasToSearch);
propertiesToIgnore = _.indexBy(this.propertiesToIgnore);
log.debug('Properties to ignore', propertiesToIgnore);
docTypesToIgnore = _.keyBy(this.docTypesToIgnore);
docTypesToIgnore = _.indexBy(this.docTypesToIgnore);
log.debug('Doc types to ignore', docTypesToIgnore);
var ignoreWordsMap = _.keyBy(wordsToIgnore);
var ignoreWordsMap = _.indexBy(wordsToIgnore);
// If the title contains a name starting with ng, e.g. "ngController", then add the module name
// without the ng to the title text, e.g. "controller".
+1 -1
View File
@@ -224,7 +224,7 @@ module.exports = function generatePagesDataProcessor(log) {
.map(function(doc) {
return _.pick(doc, ['name', 'area', 'path']);
})
.keyBy('path')
.indexBy('path')
.value();
docs.push({
+4 -4
View File
@@ -13,11 +13,11 @@ module.exports = function generateVersionDocProcessor(gitData) {
return {
$runAfter: ['generatePagesDataProcessor'],
$runBefore: ['rendering-docs'],
// Remove rogue builds that are in the npm repository but not on code.angularjs.org
ignoredBuilds: ['1.3.4-build.3588'],
// the blacklist is to remove rogue builds that are in the npm repository but not on code.angularjs.org
blacklist: ['1.3.4-build.3588'],
$process: function(docs) {
var ignoredBuilds = this.ignoredBuilds;
var blacklist = this.blacklist;
var currentVersion = require('../../../build/version.json');
var output = exec('yarn info angular versions --json', { silent: true }).stdout.split('\n')[0];
var allVersions = processAllVersionsResponse(JSON.parse(output).data);
@@ -57,7 +57,7 @@ module.exports = function generateVersionDocProcessor(gitData) {
versions = versions
.filter(function(versionStr) {
return ignoredBuilds.indexOf(versionStr) === -1;
return blacklist.indexOf(versionStr) === -1;
})
.map(function(versionStr) {
return semver.parse(versionStr);
@@ -1,12 +1,3 @@
{# Macros #}
{%- macro addTag(name, attributes) %}
<{$ name $}
{%- for attrName, attrValue in attributes -%}
{$ ' ' + attrName $}="{$ attrValue $}"
{%- endfor -%}
></{$ name $}>
{%- endmacro -%}
<!doctype html>
<html lang="en" ng-app="docsApp" ng-strict-di ng-controller="DocsController">
<head>
@@ -33,27 +24,50 @@
})();
</script>
<script type="text/javascript">
// Dynamically add `<base>` tag.
// dynamically add base tag as well as css and javascript files.
// we can't add css/js the usual way, because some browsers (FF) eagerly prefetch resources
// before the base attribute is added, causing 404 and terribly slow loading of the docs app.
(function() {
var indexFile = (location.pathname.match(/\/(index[^.]*\.html)/) || ['', ''])[1],
rUrl = /(#!\/|api|guide|misc|tutorial|error|index[^.]*\.html).*$/,
var indexFile = (location.pathname.match(/\/(index[^\.]*\.html)/) || ['', ''])[1],
rUrl = /(#!\/|api|guide|misc|tutorial|error|index[^\.]*\.html).*$/,
baseUrl = location.href.replace(rUrl, indexFile),
production = location.hostname === 'docs.angularjs.org',
headEl = document.getElementsByTagName('head')[0],
baseEl = document.createElement('base');
sync = true;
baseEl.setAttribute('href', baseUrl);
headEl.appendChild(baseEl);
addTag('base', {href: baseUrl});
{% for stylesheet in doc.stylesheets %}addTag('link', {rel: 'stylesheet', href: '{$ stylesheet $}', type: 'text/css'});
{% endfor %}
{% for script in doc.scripts %}addTag('script', {src: '{$ script $}' }, sync);
{% endfor %}
function addTag(name, attributes, sync) {
var el = document.createElement(name),
attrName;
for (attrName in attributes) {
el.setAttribute(attrName, attributes[attrName]);
}
sync ? document.write(outerHTML(el)) : headEl.appendChild(el);
}
function outerHTML(node){
// if IE, Chrome take the internal method otherwise build one
return node.outerHTML || (
function(n){
var div = document.createElement('div'), h;
div.appendChild(n);
h = div.innerHTML;
div = null;
return h;
})(node);
}
})();
</script>
{% for stylesheet in doc.stylesheets %}
{$- addTag('link', {rel: 'stylesheet', href: stylesheet, type: 'text/css'}) -$}
{% endfor %}
{% for script in doc.scripts %}
{$- addTag('script', {src: script}) -$}
{% endfor %}
<script type="text/javascript">
// GA asynchronous tracker
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-8594346-3']);
@@ -142,18 +156,21 @@
</div>
</div>
</nav>
<nav id="navbar-notice" class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container">
<p class="site-notice visible-phone">
This site refers to AngularJS (v1.x). <a href="https://angular.io/">Go to the latest Angular</a>.
</p>
<p class="site-notice visible-desktop">
This site and all of its contents are referring to AngularJS (version 1.x),
if you are looking for the latest Angular, please visit <a href="https://angular.io/">angular.io</a>.
</p>
</div>
</div>
</nav>
<nav id="navbar-sub" class="sup-header navbar navbar-fixed-top" scroll-y-offset-element ng-cloak>
<div class="container main-grid main-header-grid">
<p class="site-notice">
AngularJS support has officially ended as of January 2022.
<a href="https://docs.angularjs.org/misc/version-support-status">
See what ending support means
</a> and
<a href="https://goo.gle/angularjs-end-of-life">
read the end of life announcement</a>.<br>
Visit <a href="https://angular.io">angular.io</a> for the actively supported
Angular.
</p>
<div class="grid-left">
<version-picker></version-picker>
</div>
+2 -5
View File
@@ -3,12 +3,9 @@
@description
# AngularJS API Docs
<div class="alert alert-warning">
AngularJS support has officially ended as of January 2022.
[See what ending support means](https://docs.angularjs.org/misc/version-support-status)
and [read the end of life announcement](https://goo.gle/angularjs-end-of-life).
Visit [angular.io](https://angular.io) for the actively supported Angular.
<div class="alert alert-warning">
**On July 1, 2018 AngularJS entered a 3 year Long Term Support period:** [Find out more](misc/version-support-status).
</div>
## Welcome to the AngularJS API docs page.
+1 -1
View File
@@ -5,7 +5,7 @@
Occurs when an expression is trying to assign a value to a non-assignable expression.
This can happen if the left side of an assignment is not a valid reference to a variable
This can happen if the left side of an assigment is not a valid reference to a variable
or property. E.g. In the following snippet `1+2` is not assignable.
```
+3 -3
View File
@@ -3,7 +3,7 @@
@fullName Invalid matcher (only string patterns and RegExp instances are supported)
@description
Please see {@link $sceDelegateProvider#trustedResourceUrlList
$sceDelegateProvider.trustedResourceUrlList} and {@link
$sceDelegateProvider#bannedResourceUrlList $sceDelegateProvider.bannedResourceUrlList} for the
Please see {@link $sceDelegateProvider#resourceUrlWhitelist
$sceDelegateProvider.resourceUrlWhitelist} and {@link
$sceDelegateProvider#resourceUrlBlacklist $sceDelegateProvider.resourceUrlBlacklist} for the
list of acceptable items.
+2 -2
View File
@@ -15,8 +15,8 @@ By default, only URLs that belong to the same origin are trusted. These are urls
The {@link ng.directive:ngInclude ngInclude} directive and {@link guide/directive directives} that specify a `templateUrl` require a trusted resource URL.
To load templates from other domains and/or protocols, either adjust the {@link
ng.$sceDelegateProvider#trustedResourceUrlList trusted resource URL list}/ {@link
ng.$sceDelegateProvider#bannedResourceUrlList banned resource URL list} or wrap the URL with a call to {@link
ng.$sceDelegateProvider#resourceUrlWhitelist whitelist}/ {@link
ng.$sceDelegateProvider#resourceUrlBlacklist blacklist} or wrap the URL with a call to {@link
ng.$sce#trustAsResourceUrl $sce.trustAsResourceUrl}.
**Note**: The browser's [Same Origin
+3 -3
View File
@@ -3,7 +3,7 @@
@fullName The sequence *** is not a valid pattern wildcard
@description
The strings in {@link $sceDelegateProvider#trustedResourceUrlList
$sceDelegateProvider.trustedResourceUrlList} and {@link
$sceDelegateProvider#bannedResourceUrlList $sceDelegateProvider.bannedResourceUrlList} may not
The strings in {@link $sceDelegateProvider#resourceUrlWhitelist
$sceDelegateProvider.resourceUrlWhitelist} and {@link
$sceDelegateProvider#resourceUrlBlacklist $sceDelegateProvider.resourceUrlBlacklist} may not
contain the undefined sequence `***`. Only `*` and `**` wildcard patterns are defined.
+2 -3
View File
@@ -327,7 +327,7 @@ The default CSS for `ngHide`, the inverse method to `ngShow`, makes ngAria redun
<h2><span id="ngclick">ngClick</span> and <span id="ngdblclick">ngDblclick</span></h2>
If `ng-click` or `ng-dblclick` is encountered, ngAria will add `tabindex="0"` to any element not in
the list of built in aria nodes:
a node blacklist:
* Button
* Anchor
@@ -337,8 +337,7 @@ the list of built in aria nodes:
* Details/Summary
To fix widespread accessibility problems with `ng-click` on `div` elements, ngAria will
dynamically bind a keypress event by default as long as the element isn't in a node from the list of
built in aria nodes.
dynamically bind a keypress event by default as long as the element isn't in the node blacklist.
You can turn this functionality on or off with the `bindKeypress` configuration option.
ngAria will also add the `button` role to communicate to users of assistive technologies. This can
+3 -2
View File
@@ -17,8 +17,9 @@ attributes and tags. Read this document if you are planning on deploying your An
on IE.
The project currently supports and will attempt to fix bugs for IE9 and above. The continuous
integration server runs all unit tests against IE9, IE10, and IE11. See
[CircleCI](https://circleci.com/gh/angular/workflows/angular.js/tree/master).
integration server runs all the tests against IE9, IE10, and IE11. See
[Travis CI](https://travis-ci.org/angular/angular.js) and
[ci.angularjs.org](https://ci.angularjs.org).
We do not run tests on IE8 and below. A subset of the AngularJS functionality may work on these
browsers, but it is up to you to test and decide whether it works for your particular app.
+14 -40
View File
@@ -15,30 +15,6 @@ which drives many of these changes.
* Several new features, especially animations, would not be possible without a few changes.
* Finally, some outstanding bugs were best fixed by changing an existing API.
## Migrating from 1.7 to 1.8
Generally updating to 1.8.0 from 1.7.x should be a straightforward process and is highly recommended.
AngularJS 1.8 is a breaking change release from 1.7 to mitigate a security issue.
JqLite no longer turns XHTML-like strings like `<div /><span />` to sibling elements when not in XHTML
mode: `<div></div><span></span>`.
Instead it will leave the elements alone. In non-XHTML mode the browser will convert these to nested
elements: `<div><span></span></div>`.
This is a security fix to avoid an XSS vulnerability if a new jqLite element is created from a
user-controlled HTML string. If you must have this functionality and understand the risk involved
then it is posible to restore the original behavior by calling
```js
angular.UNSAFE_restoreLegacyJqLiteXHTMLReplacement();
```
But you should adjust your code for this change and remove your use of this function as soon as
possible.
Note that this only patches jqLite. If you use jQuery 3.5.0 or newer, please read the
[jQuery 3.5 upgrade guide](https://jquery.com/upgrade-guide/3.5/) for more details about the workarounds.
## Migrating from 1.6 to 1.7
@@ -276,16 +252,15 @@ statement.
**Due to [6ccbfa](https://github.com/angular/angular.js/commit/6ccbfa65d60a3dc396d0cf6da21b993ad74653fd)**,
the `xlink:href` security context for SVG's `a` and `image` elements has been lowered.
In the unlikely case that an app relied on `RESOURCE_URL` trusted list for the
In the unlikely case that an app relied on `RESOURCE_URL` whitelisting for the
purpose of binding to the `xlink:href` property of SVG's `<a>` or `<image>`
elements and if the values do not pass the regular URL sanitization, they will
break.
To fix this you need to ensure that the values used for binding to the affected
`xlink:href` contexts are considered safe URLs, e.g. by trusting them in
`$compileProvider`'s `aHrefSanitizationWhitelist` (called `aHrefSanitizationTrustedUrlList` form
1.8.1 onwards) (for `<a>` elements) or `imgSrcSanitizationWhitelist` (called
`imgSrcSanitizationTrustedUrlList` from 1.8.1 onwards) (for `<image>` elements).
`xlink:href` contexts are considered safe URLs, e.g. by whitelisting them in
`$compileProvider`'s `aHrefSanitizationWhitelist` (for `<a>` elements) or
`imgSrcSanitizationWhitelist` (for `<image>` elements).
<hr />
@@ -1310,7 +1285,7 @@ running at `https://docs.angularjs.org` then the following will fail:
By default, only URLs with the same domain and protocol as the application document are considered
safe in the `RESOURCE_URL` context. To use URLs from other domains and/or protocols, you may either
add them to the trusted source URL list or wrap them into a trusted value by calling `$sce.trustAsResourceUrl(url)`.
whitelist them or wrap them into a trusted value by calling `$sce.trustAsResourceUrl(url)`.
<hr />
<minor />
@@ -1388,7 +1363,7 @@ $http.json('other/trusted/url', {jsonpCallbackParam: 'cb'});
all JSONP requests now require the URL to be trusted as a resource URL. There are two approaches to
trust a URL:
1. **Setting trusted resource URLs with the `$sceDelegateProvider.resourceUrlWhitelist()` (called `trustedResourceUrlList()` from 1.8.1 onwards) method.**
1. **Whitelisting with the `$sceDelegateProvider.resourceUrlWhitelist()` method.**
You configure this list in a module configuration block:
```js
@@ -2208,7 +2183,7 @@ service does not have access to the resource in order to sanitize it.
Similarly, due to [234053fc](https://github.com/angular/angular.js/commit/234053fc9ad90e0d05be7e8359c6af66be94c094),
the `$sanitize` service will now also remove instances of the `usemap` attribute from any elements
passed to it. This attribute is used to reference another element by `name` or `id`. Since the
`name` and `id` attributes are already banned, a sanitized `usemap` attribute could only
`name` and `id` attributes are already blacklisted, a sanitized `usemap` attribute could only
reference unsanitized content, which is a security risk.
Due to [98c2db7f](https://github.com/angular/angular.js/commit/98c2db7f9c2d078a408576e722407d518c7ee10a),
@@ -2648,8 +2623,8 @@ $scope.findTemplate = function(templateName) {
};
```
To migrate, either cache the result of `trustAsResourceUrl()`, or put the template url in the trusted resource
URL list in the `config()` function:
To migrate, either cache the result of `trustAsResourceUrl()`, or put the template url in the resource
whitelist in the `config()` function:
After:
@@ -2663,8 +2638,7 @@ $scope.findTemplate = function(templateName) {
return templateCache[templateName];
};
// Alternatively, use `$sceDelegateProvider.resourceUrlWhitelist()` (called
// `trustedResourceUrlList()` from 1.8.1 onwards), which means you don't
// Alternatively, use `$sceDelegateProvider.resourceUrlWhitelist()`, which means you don't
// have to use `$sce.trustAsResourceUrl()` at all:
angular.module('myApp', []).config(function($sceDelegateProvider) {
@@ -3355,7 +3329,7 @@ below should still apply, but you may want to consult the
<li>{@link guide/migration#directive-priority Directive priority}</li>
<li>{@link guide/migration#ngscenario ngScenario}</li>
<li>{@link guide/migration#nginclude-and-ngview-replace-its-entire-element-on-update ngInclude and ngView replace its entire element on update}</li>
<li>{@link guide/migration#urls-are-now-sanitized-against-a-trusted-uri-matcher URLs are now sanitized against a trusted URI matcher}</li>
<li>{@link guide/migration#urls-are-now-sanitized-against-a-whitelist URLs are now sanitized against a whitelist}</li>
<li>{@link guide/migration#isolate-scope-only-exposed-to-directives-with-scope-property Isolate scope only exposed to directives with <code>scope</code> property}</li>
<li>{@link guide/migration#change-to-interpolation-priority Change to interpolation priority}</li>
<li>{@link guide/migration#underscore-prefixed-suffixed-properties-are-non-bindable Underscore-prefixed/suffixed properties are non-bindable}</li>
@@ -3845,10 +3819,10 @@ See [7d69d52a](https://github.com/angular/angular.js/commit/7d69d52acff8578e0f7d
[aa2133ad](https://github.com/angular/angular.js/commit/aa2133ad818d2e5c27cbd3933061797096356c8a).
### URLs are now sanitized against a trusted URI matcher
### URLs are now sanitized against a whitelist
A trusted URI matcher configured via `$compileProvider` can be used to configure what URLs are considered safe.
By default all common protocol prefixes are trusted including `data:` URIs with mime types `image/*`.
A whitelist configured via `$compileProvider` can be used to configure what URLs are considered safe.
By default all common protocol prefixes are whitelisted including `data:` URIs with mime types `image/*`.
This change shouldn't impact apps that don't contain malicious image links.
See [1adf29af](https://github.com/angular/angular.js/commit/1adf29af13890d61286840177607edd552a9df97),
+2 -3
View File
@@ -174,9 +174,8 @@ Yes, AngularJS can use [jQuery](http://jquery.com/) if it's present in your app
application is being bootstrapped. If jQuery is not present in your script path, AngularJS falls back
to its own implementation of the subset of jQuery that we call {@link angular.element jQLite}.
For AngularJS 1.8 we support jQuery 2.1+ but we suggest jQuery 3.5.1 or above to avoid a potential
security issue. Earlier versions of jQuery might work correctly with AngularJS but we don't guarantee
that.
AngularJS 1.3 only supports jQuery 2.1 or above. jQuery 1.7 and newer might work correctly with AngularJS
but we don't guarantee that.
### What is testability like in AngularJS?
+33 -14
View File
@@ -4,25 +4,44 @@
# Version Support Status
**AngularJS support has officially ended as of January 2022.**
This page describes the support status of the significant versions of AngularJS.
Visit [angular.io](https://angular.io) for the actively supported Angular.
<div class="alert alert-info">
On July 1, 2018 AngularJS entered a 3 year Long Term Support period.
</div>
## What does end of support mean?
Any version branch not shown in the following table (e.g. 1.6.x) is no longer being developed.
The code will remain accessible on [GitHub](https://github.com/angular/angular.js),
[npm](https://www.npmjs.com/package/angular),
[Bower](https://github.com/angular/bower-angular), and
[Release archive](https://code.angularjs.org/1.8.2).
This website will remain here indefinitely.
<table class="dev-status table table-bordered">
<thead>
<tr><th>Version</th><th>Status</th><th>Comments</th></tr>
</thead>
<tbody>
<tr class="security">
<td><span>1.2.x</span></td>
<td>Security patches only</td>
<td>Last version to provide IE 8 support</td>
</tr>
<tr class="stable">
<td><span>1.7.x</span></td>
<td>Long Term Support</td>
<td>See {@link version-support-status#long-term-support Long Term Support} section below.</td>
</tr>
</tbody>
</table>
The GitHub repository will be in an archived state, meaning that no new issues or pull requests
can be submitted.
### Long Term Support
See https://goo.gle/angularjs-end-of-life for the full details.
On July 1st 2018, AngularJS entered a Long Term Support period.
### Extended Long Term Support
We now focus exclusively on providing fixes to bugs that satisfy at least one of the following criteria:
If you need extended support for AngularJS, you should consider:
* A security flaw is detected in the 1.7.x branch of the framework
* One of the major browsers releases a version that will cause current production applications using AngularJS 1.7.x to stop working
* The jQuery library releases a version that will cause current production applications using AngularJS 1.7.x to stop working.
* [HeroDevs](https://www.herodevs.com/support/nes-angularjs)
AngularJS 1.2.x will get a new version if and only if a new severe security issue is discovered.
### Blog Post
You can read more about these plans in our [blog post announcement](https://blog.angular.io/stable-angularjs-and-long-term-support-7e077635ee9c).
+4 -4
View File
@@ -34,16 +34,16 @@ Since we are using [npm][npm] to install client-side dependencies, this step upd
"name": "angular-phonecat",
...
"dependencies": {
"angular": "1.8.x",
"angular-route": "1.8.x",
"angular": "1.7.x",
"angular-route": "1.7.x",
"bootstrap": "3.3.x"
},
...
}
```
The new dependency `"angular-route": "1.8.x"` tells npm to install a version of the angular-route
module that is compatible with version 1.8.x of AngularJS. We must tell npm to download and install
The new dependency `"angular-route": "1.7.x"` tells npm to install a version of the angular-route
module that is compatible with version 1.7.x of AngularJS. We must tell npm to download and install
this dependency.
```
+5 -5
View File
@@ -32,17 +32,17 @@ Since we are using [npm][npm] to install client-side dependencies, this step upd
"name": "angular-phonecat",
...
"dependencies": {
"angular": "1.8.x",
"angular-resource": "1.8.x",
"angular-route": "1.8.x",
"angular": "1.7.x",
"angular-resource": "1.7.x",
"angular-route": "1.7.x",
"bootstrap": "3.3.x"
},
...
}
```
The new dependency `"angular-resource": "1.8.x"` tells npm to install a version of the
angular-resource module that is compatible with version 1.8.x of AngularJS. We must tell npm to
The new dependency `"angular-resource": "1.7.x"` tells npm to install a version of the
angular-resource module that is compatible with version 1.7.x of AngularJS. We must tell npm to
download and install this dependency.
```
+8 -8
View File
@@ -36,20 +36,20 @@ Since we are using [npm][npm] to install client-side dependencies, this step upd
"name": "angular-phonecat",
...
"dependencies": {
"angular": "1.8.x",
"angular-animate": "1.8.x",
"angular-resource": "1.8.x",
"angular-route": "1.8.x",
"angular": "1.7.x",
"angular-animate": "1.7.x",
"angular-resource": "1.7.x",
"angular-route": "1.7.x",
"bootstrap": "3.3.x",
"jquery": "^3.5.1"
"jquery": "3.3.x"
},
...
}
```
* `"angular-animate": "1.8.x"` tells npm to install a version of the angular-animate module that
is compatible with version 1.8.x of AngularJS.
* `"jquery": "^3.5.1"` tells npm to install a version of jQuery that is compatible with 3.5.x and at least 3.5.1.
* `"angular-animate": "1.7.x"` tells npm to install a version of the angular-animate module that
is compatible with version 1.7.x of AngularJS.
* `"jquery": "3.3.x"` tells npm to install the latest patch release of the 3.3 version of jQuery.
Note that this is not an AngularJS library; it is the standard jQuery library. We can use npm to
install a wide range of 3rd party libraries.
+36 -3
View File
@@ -169,9 +169,42 @@ module.exports = function(config, specificOptions) {
});
if (process.env.TRAVIS) {
var buildLabel = 'TRAVIS #' + process.env.TRAVIS_BUILD_NUMBER + ' (' + process.env.TRAVIS_BUILD_ID + ')';
// Karma (with socket.io 1.x) buffers by 50 and 50 tests can take a long time on IEs;-)
config.browserNoActivityTimeout = 120000;
config.browserStack.build = buildLabel;
config.browserStack.startTunnel = false;
config.browserStack.tunnelIdentifier = process.env.TRAVIS_JOB_NUMBER;
config.sauceLabs.build = buildLabel;
config.sauceLabs.startConnect = false;
config.sauceLabs.tunnelIdentifier = process.env.TRAVIS_JOB_NUMBER;
config.sauceLabs.recordScreenshots = true;
// Try 'websocket' for a faster transmission first. Fallback to 'polling' if necessary.
config.transports = ['websocket', 'polling'];
// Debug logging into a file, that we print out at the end of the build.
config.loggers.push({
type: 'file',
filename: process.env.LOGS_DIR + '/' + (specificOptions.logFile || 'karma.log')
});
if (process.env.BROWSER_PROVIDER === 'saucelabs' || !process.env.BROWSER_PROVIDER) {
// Allocating a browser can take pretty long (eg. if we are out of capacity and need to wait
// for another build to finish) and so the `captureTimeout` typically kills
// an in-queue-pending request, which makes no sense.
config.captureTimeout = 0;
}
}
// Terrible hack to workaround inflexibility of log4js:
// - ignore web-server's 404 warnings,
// - ignore DEBUG logs (on CI), we log them into a file instead.
// - ignore DEBUG logs (on Travis), we log them into a file instead.
var IGNORED_404 = [
'/favicon.ico',
'/%7B%7BtestUrl%7D%7D',
@@ -197,8 +230,8 @@ module.exports = function(config, specificOptions) {
return;
}
// on CI, ignore DEBUG statements
if (process.env.CI && log.level.levelStr === config.LOG_DEBUG) {
// on Travis, ignore DEBUG statements
if (process.env.TRAVIS && log.level.levelStr === config.LOG_DEBUG) {
return;
}
+50
View File
@@ -0,0 +1,50 @@
'use strict';
var fs = require('fs');
var http = require('http');
var BrowserStackTunnel = require('browserstacktunnel-wrapper');
var HOSTNAME = 'localhost';
var PORTS = [9876, 8000];
var ACCESS_KEY = process.env.BROWSER_STACK_ACCESS_KEY;
var READY_FILE = process.env.BROWSER_PROVIDER_READY_FILE;
var TUNNEL_IDENTIFIER = process.env.TRAVIS_JOB_NUMBER;
// We need to start fake servers, otherwise the tunnel does not start.
var fakeServers = [];
var hosts = [];
PORTS.forEach(function(port) {
fakeServers.push(http.createServer(function() {}).listen(port));
hosts.push({
name: HOSTNAME,
port: port,
sslFlag: 0
});
});
var tunnel = new BrowserStackTunnel({
key: ACCESS_KEY,
localIdentifier: TUNNEL_IDENTIFIER,
hosts: hosts
});
console.log('Starting tunnel on ports', PORTS.join(', '));
tunnel.start(function(error) {
if (error) {
console.error('Can not establish the tunnel', error);
} else {
console.log('Tunnel established.');
fakeServers.forEach(function(server) {
server.close();
});
if (READY_FILE) {
fs.writeFile(READY_FILE, '');
}
}
});
tunnel.on('error', function(error) {
console.error(error);
});
+3
View File
@@ -0,0 +1,3 @@
export BROWSER_STACK_ACCESS_KEY=`echo $BROWSER_STACK_ACCESS_KEY | rev`
node ./lib/browserstack/start_tunnel.js &
+8
View File
@@ -0,0 +1,8 @@
#!/bin/bash
set -e -o pipefail
echo "Shutting down Browserstack tunnel"
echo "TODO: implement me"
exit 1
+2 -2
View File
@@ -63,8 +63,8 @@ module.exports = function(grunt) {
util.collectErrors();
});
grunt.registerTask('firebaseDocsJsonForCI', function() {
util.firebaseDocsJsonForCI();
grunt.registerTask('firebaseDocsJsonForTravis', function() {
util.firebaseDocsJsonForTravis();
});
};
+18 -8
View File
@@ -7,12 +7,9 @@ var spawn = require('npm-run').spawn;
var CSP_CSS_HEADER = '/* Include this file in your html if you are using the CSP mode. */\n\n';
module.exports = {
codeScriptFolder: 'scripts/code.angularjs.org-firebase',
docsScriptFolder: 'scripts/docs.angularjs.org-firebase',
startKarma: function(config, singleRun, done) {
var browsers = grunt.option('browsers');
var reporters = grunt.option('reporters');
@@ -35,8 +32,8 @@ module.exports = {
updateWebdriver: function(done) {
if (process.env.CI) {
// Skip the webdriver-manager update on CI, since the browsers will
if (process.env.TRAVIS) {
// Skip the webdriver-manager update on Travis, since the browsers will
// be provided remotely.
done();
return;
@@ -113,7 +110,7 @@ module.exports = {
.replace(/\\/g, '\\\\')
.replace(/'/g, '\\\'')
.replace(/\r?\n/g, '\\n');
js = '!window.angular.$$csp().noInlineStyle && window.angular.element(document.head).prepend(window.angular.element(\'<style>\').text(\'' + css + '\'));';
js = '!window.angular.$$csp().noInlineStyle && window.angular.element(document.head).prepend(\'<style type="text/css">' + css + '</style>\');';
state.js.push(js);
return state;
@@ -303,6 +300,19 @@ module.exports = {
}
next();
};
}
},
// Our Firebase projects are in subfolders, but Travis expects them in the root,
// so we need to modify the upload folder path and copy the file into the root
firebaseDocsJsonForTravis: function() {
var docsScriptFolder = 'scripts/docs.angularjs.org-firebase';
var fileName = docsScriptFolder + '/firebase.json';
var json = grunt.file.readJSON(fileName);
(json.hosting || (json.hosting = {})).public = 'deploy/docs';
(json.functions || (json.functions = {})).source = docsScriptFolder + '/functions';
grunt.file.write('firebase.json', JSON.stringify(json));
}
};
-459
View File
@@ -1,459 +0,0 @@
#!/usr/bin/env bash
set -u -e -o pipefail
####################################################################################################
# Some helper funtions
@echo() {
echo "# $*"
}
@warn() {
@echo "Warning: $*" >&2
}
@fail() {
@echo "Error! $*" >&2
exit 1
}
@remove() {
local f="$1"
if [[ -f ${f} ]]; then
@echo "Removing ${f}"
rm -f "${f}" || @fail "Can not delete ${f} file"
fi
}
@kill() {
for p in $1; do
if kill -0 ${p} >/dev/null 2>&1; then
kill ${p}
sleep 2
if kill -0 ${p} >/dev/null 2>&1; then
kill -9 ${p}
sleep 2
fi
fi
done
}
@wait_for() {
local m="$1"
local f="$2"
if [[ ! -f "${f}" ]]; then
printf "# ${m} (${f})"
while [[ ! -f "${f}" ]]; do
printf "."
sleep 0.5
done
printf "\n"
fi
}
####################################################################################################
# Sauce service functions
readonly SCRIPT_DIR=$(cd $(dirname $0); pwd)
readonly TMP_DIR="/tmp/angular/sauce-service"
mkdir -p ${TMP_DIR}
# Location for the saucelabs log file.
readonly SAUCE_LOG_FILE="${TMP_DIR}/sauce-connect.log"
# Location for the saucelabs ready to connection process id lock file.
readonly SAUCE_PID_FILE="${TMP_DIR}/sauce-connect.pid"
# Location for the saucelabs ready to connect lock file.
readonly SAUCE_READY_FILE="${TMP_DIR}/sauce-connect.lock"
# Location for the saucelabs params file for use by test runner.
readonly SAUCE_PARAMS_JSON_FILE="${TMP_DIR}/sauce-connect-params.json"
# Amount of seconds we wait for sauceconnect to establish a tunnel instance. In order to not
# acquire CircleCI instances for too long if sauceconnect fails, we need a connect timeout.
readonly SAUCE_READY_FILE_TIMEOUT=120
readonly SERVICE_LOCK_FILE="${TMP_DIR}/service.lock"
readonly SERVICE_START_FILE="${TMP_DIR}/service.start"
readonly SERVICE_PID_FILE="${TMP_DIR}/service.pid"
readonly SERVICE_LOG_FILE="${TMP_DIR}/service.log"
service-setup-command() {
if [[ -z "${SAUCE_USERNAME:-}" ]]; then
@fail "SAUCE_USERNAME environment variable required"
fi
if [[ -z "${SAUCE_ACCESS_KEY:-}" ]]; then
@fail "SAUCE_ACCESS_KEY environment variable required"
fi
if [[ -z "${SAUCE_TUNNEL_IDENTIFIER:-}" ]]; then
@fail "SAUCE_TUNNEL_IDENTIFIER environment variable required"
fi
local unameOut="$(uname -s)"
case "${unameOut}" in
Linux*) local machine=linux ;;
Darwin*) local machine=darwin ;;
CYGWIN*) local machine=windows ;;
MINGW*) local machine=windows ;;
MSYS_NT*) local machine=windows ;;
*) local machine=linux
printf "\nUnrecongized uname '${unameOut}'; defaulting to use node for linux.\n" >&2
printf "Please file an issue to https://github.com/bazelbuild/rules_nodejs/issues if \n" >&2
printf "you would like to add your platform to the supported rules_nodejs node platforms.\n\n" >&2
;;
esac
case "${machine}" in
# Path to sauce connect executable
linux)
if [[ -z "${BUILD_WORKSPACE_DIRECTORY:-}" ]]; then
# Started manually
SAUCE_CONNECT="${SCRIPT_DIR}/../../node_modules/sauce-connect/bin/sc"
else
# Started via `bazel run`
SAUCE_CONNECT="${BUILD_WORKSPACE_DIRECTORY}/node_modules/sauce-connect/bin/sc"
fi
;;
*)
if [[ -z "${SAUCE_CONNECT:-}" ]]; then
@fail "SAUCE_CONNECT environment variable is required on non-linux environments"
exit 1
fi
;;
esac
if [[ ! -f ${SAUCE_CONNECT} ]]; then
@fail "sc binary not found at ${SAUCE_CONNECT}"
fi
echo "{ \"SAUCE_USERNAME\": \"${SAUCE_USERNAME}\", \"SAUCE_ACCESS_KEY\": \"${SAUCE_ACCESS_KEY}\", \"SAUCE_TUNNEL_IDENTIFIER\": \"${SAUCE_TUNNEL_IDENTIFIER}\", \"SAUCE_LOCALHOST_ALIAS_DOMAIN\": \"${SAUCE_LOCALHOST_ALIAS_DOMAIN:-}\" }" > ${SAUCE_PARAMS_JSON_FILE}
# Command arguments that will be passed to sauce-connect.
# By default we disable SSL bumping for all requests. This is because SSL bumping is
# not needed for our test setup and in order to perform the SSL bumping, Saucelabs
# intercepts all HTTP requests in the tunnel VM and modifies them. This can cause
# flakiness as it makes all requests dependent on the SSL bumping middleware.
# See: https://wiki.saucelabs.com/display/DOCS/Troubleshooting+Sauce+Connect#TroubleshootingSauceConnect-DisablingSSLBumping
local sauce_args=(
"--no-ssl-bump-domains all"
"--logfile ${SAUCE_LOG_FILE}"
"--pidfile ${SAUCE_PID_FILE}"
"--readyfile ${SAUCE_READY_FILE}"
"--tunnel-identifier ${SAUCE_TUNNEL_IDENTIFIER}"
"--user ${SAUCE_USERNAME}"
# Don't add the --api-key here so we don't echo it out in service-pre-start
)
if [[ -n "${SAUCE_LOCALHOST_ALIAS_DOMAIN:-}" ]]; then
# Ensures that requests to the localhost alias domain are always resolved through the tunnel.
# This environment variable is usually configured on CI, and refers to a domain that has been
# locally configured in the current machine's hosts file (e.g. `/etc/hosts`). The domain should
# resolve to the current machine in Saucelabs VMs, so we need to ensure that it is resolved
# through the tunnel we going to create.
sauce_args+=("--tunnel-domains ${SAUCE_LOCALHOST_ALIAS_DOMAIN}")
fi
@echo "Sauce connect will be started with:"
echo " ${SAUCE_CONNECT} ${sauce_args[@]}"
SERVICE_COMMAND="${SAUCE_CONNECT} ${sauce_args[@]} --api-key ${SAUCE_ACCESS_KEY}"
}
# Called by pre-start & post-stop
service-cleanup() {
if [[ -f "${SAUCE_PID_FILE}" ]]; then
local p=$(cat "${SAUCE_PID_FILE}")
@echo "Stopping Sauce Connect (pid $p)..."
@kill $p
fi
@remove "${SAUCE_PID_FILE}"
@remove "${SAUCE_READY_FILE}"
@remove "${SAUCE_PARAMS_JSON_FILE}"
}
# Called before service is setup
service-pre-setup() {
service-cleanup
}
# Called after service is setup
service-post-setup() {
@echo " sauce params : ${SAUCE_PARAMS_JSON_FILE}"
}
# Called before service is started
service-pre-start() {
return
}
# Called after service is started
service-post-start() {
if [[ ! -f "${SAUCE_PID_FILE}" ]]; then
printf "# Waiting for Sauce Connect Proxy process (${SAUCE_PID_FILE})"
while [[ ! -f "${SAUCE_PID_FILE}" ]]; do
if ! @serviceStatus >/dev/null 2>&1; then
printf "\n"
@serviceStop
@echo "Service failed to start!"
service-failed-setup
exit 1
fi
printf "."
sleep 0.5
done
printf "\n"
fi
@echo "Sauce Connect Proxy started (pid $(cat "${SAUCE_PID_FILE}"))"
}
# Called if service fails to start
service-failed-setup() {
if [[ -f "${SERVICE_LOG_FILE}" ]]; then
@echo "tail ${SERVICE_LOG_FILE}:"
echo "--------------------------------------------------------------------------------"
tail "${SERVICE_LOG_FILE}"
echo "--------------------------------------------------------------------------------"
echo "^^^^^ ${SERVICE_LOG_FILE} ^^^^^"
fi
}
# Called by ready-wait action
service-ready-wait() {
if [[ ! -f "${SAUCE_PID_FILE}" ]]; then
@fail "Sauce Connect not running"
fi
if [[ ! -f "${SAUCE_READY_FILE}" ]]; then
# Wait for saucelabs tunnel to connect
printf "# Waiting for saucelabs tunnel to connect (${SAUCE_READY_FILE})"
counter=0
while [[ ! -f "${SAUCE_READY_FILE}" ]]; do
counter=$((counter + 1))
# Counter needs to be multiplied by two because the while loop only sleeps a half second.
# This has been made in favor of better progress logging (printing dots every half second)
if [ $counter -gt $[${SAUCE_READY_FILE_TIMEOUT} * 2] ]; then
@echo "Timed out after ${SAUCE_READY_FILE_TIMEOUT} seconds waiting for tunnel ready file."
if [[ -f "${SAUCE_LOG_FILE}" ]]; then
echo "================================================================================"
echo "${SAUCE_LOG_FILE}:"
cat "${SAUCE_LOG_FILE}"
fi
exit 5
fi
printf "."
sleep 0.5
done
printf "\n"
@echo "Saucelabs tunnel connected"
else
@echo "Saucelabs tunnel already connected"
fi
}
# Called before service is stopped
service-pre-stop() {
return
}
# Called after service is stopped
service-post-stop() {
service-cleanup
}
####################################################################################################
# Generic service functions
# This uses functions setup above but nothing below should be specific to saucelabs
@serviceLock() {
# Check is Lock File exists, if not create it and set trap on exit
printf "# Waiting for service action lock (${SERVICE_LOCK_FILE})"
while true; do
if { set -C; 2>/dev/null >"${SERVICE_LOCK_FILE}"; }; then
trap "rm -f \"${SERVICE_LOCK_FILE}\"" EXIT
printf "\n"
break
fi
printf "."
sleep 0.5
done
@echo "Acquired service action lock"
}
@serviceStatus() {
if [ -f "${SERVICE_PID_FILE}" ] && [ ! -z "$(cat "${SERVICE_PID_FILE}")" ]; then
local p=$(cat "${SERVICE_PID_FILE}")
if kill -0 $p >/dev/null 2>&1; then
@echo "Service is running (pid $p)"
return 0
else
@echo "Service is not running (process PID $p not exists)"
return 1
fi
else
@echo "Service is not running"
return 2
fi
}
@serviceSetup() {
if @serviceStatus >/dev/null 2>&1; then
@echo "Service already running (pid $(cat "${SERVICE_PID_FILE}"))"
return 0
fi
@echo "Setting up service..."
@remove "${SERVICE_PID_FILE}"
@remove "${SERVICE_START_FILE}"
touch "${SERVICE_LOG_FILE}" >/dev/null 2>&1 || @fail "Can not create ${SERVICE_LOG_FILE} file"
@echo " service pid : ${SERVICE_PID_FILE}"
@echo " service logs : ${SERVICE_LOG_FILE}"
service-pre-setup
service-setup-command
(
(
if [[ -z "${SERVICE_COMMAND:-}" ]]; then
@fail "No SERVICE_COMMAND is set"
fi
@wait_for "Waiting for start file" "${SERVICE_START_FILE}"
${SERVICE_COMMAND}
) >>"${SERVICE_LOG_FILE}" 2>&1
) &
echo $! >"${SERVICE_PID_FILE}"
if @serviceStatus >/dev/null 2>&1; then
@echo "Service setup (pid $(cat "${SERVICE_PID_FILE}"))"
service-post-setup
else
@echo "Error setting up Service!"
service-failed-setup
exit 1
fi
return $?
}
@serviceStart() {
if @serviceStatus >/dev/null 2>&1; then
@echo "Service already setup (pid $(cat "${SERVICE_PID_FILE}"))"
else
@serviceSetup
fi
if [[ -f "${SERVICE_START_FILE}" ]]; then
@echo "Service already started"
else
@echo "Starting service..."
service-pre-start
touch "${SERVICE_START_FILE}" >/dev/null 2>&1 || @err "Can not create ${SERVICE_START_FILE} file"
service-post-start
@echo "Service started"
fi
}
@serviceStop() {
if @serviceStatus >/dev/null 2>&1; then
touch "${SERVICE_PID_FILE}" >/dev/null 2>&1 || @fail "Can not touch ${SERVICE_PID_FILE} file"
service-pre-stop
@echo "Stopping sevice (pid $(cat "${SERVICE_PID_FILE}"))..."
@kill $(cat "${SERVICE_PID_FILE}")
if @serviceStatus >/dev/null 2>&1; then
@fail "Error stopping Service! Service already running with PID $(cat "${SERVICE_PID_FILE}")"
else
@echo "Service stopped"
@remove "${SERVICE_PID_FILE}"
@remove "${SERVICE_START_FILE}"
service-post-stop
fi
return 0
else
@warn "Service is not running"
@remove "${SERVICE_PID_FILE}"
@remove "${SERVICE_START_FILE}"
service-post-stop
fi
}
@serviceStartReadyWait() {
@serviceStart
@serviceReadyWait
}
@serviceReadyWait() {
service-ready-wait
}
@serviceRestart() {
@serviceStop
@serviceStart
}
@serviceTail() {
@echo "tail ${SERVICE_LOG_FILE}:"
tail -f "${SERVICE_LOG_FILE}"
}
@serviceLog() {
@echo "cat ${SERVICE_LOG_FILE}:"
echo "--------------------------------------------------------------------------------"
cat "${SERVICE_LOG_FILE}"
echo "--------------------------------------------------------------------------------"
echo "^^^^^ ${SERVICE_LOG_FILE} ^^^^^"
}
case "${1:-}" in
setup)
@serviceLock
@serviceSetup
;;
start)
@serviceLock
@serviceStart
;;
start-ready-wait)
@serviceLock
@serviceStartReadyWait
;;
ready-wait)
@serviceLock
@serviceReadyWait
;;
stop)
@serviceLock
@serviceStop
;;
restart)
@serviceLock
@serviceRestart
;;
status)
@serviceLock
@serviceStatus
;;
run)
(
service-setup-command
if [[ -z "${SERVICE_COMMAND:-}" ]]; then
@fail "No SERVICE_COMMAND is set"
fi
${SERVICE_COMMAND}
)
;;
log)
@serviceLog
;;
tail)
@serviceTail
;;
*)
@echo "Actions: [setup|start|start-read-wait|ready-wait|stop|restart|status|run|tail]"
exit 1
;;
esac
+47
View File
@@ -0,0 +1,47 @@
#!/bin/bash
set -e
# Setup and start Sauce Connect for your TravisCI build
# This script requires your .travis.yml to include the following two private env variables:
# SAUCE_USERNAME
# SAUCE_ACCESS_KEY
# Follow the steps at https://saucelabs.com/opensource/travis to set that up.
#
# Curl and run this script as part of your .travis.yml before_script section:
# before_script:
# - curl https://gist.github.com/santiycr/5139565/raw/sauce_connect_setup.sh | bash
SC_VERSION="4.5.4"
CONNECT_URL="https://saucelabs.com/downloads/sc-$SC_VERSION-linux.tar.gz"
CONNECT_DIR="/tmp/sauce-connect-$RANDOM"
CONNECT_DOWNLOAD="sc-$SC_VERSION-linux.tar.gz"
# We don't want to create a log file because sauceconnect always logs in verbose mode. This seems
# to be overwhelming Travis and causing flakes when we are cat-ing the log in "print_logs.sh"
CONNECT_LOG="/dev/null"
# Get Connect and start it
mkdir -p $CONNECT_DIR
cd $CONNECT_DIR
curl $CONNECT_URL -o $CONNECT_DOWNLOAD 2> /dev/null 1> /dev/null
mkdir sauce-connect
tar --extract --file=$CONNECT_DOWNLOAD --strip-components=1 --directory=sauce-connect > /dev/null
rm $CONNECT_DOWNLOAD
SAUCE_ACCESS_KEY=`echo $SAUCE_ACCESS_KEY | rev`
ARGS=""
# Set tunnel-id only on Travis, to make local testing easier.
if [ ! -z "$TRAVIS_JOB_NUMBER" ]; then
ARGS="$ARGS --tunnel-identifier $TRAVIS_JOB_NUMBER"
fi
if [ ! -z "$BROWSER_PROVIDER_READY_FILE" ]; then
ARGS="$ARGS --readyfile $BROWSER_PROVIDER_READY_FILE"
fi
echo "Starting Sauce Connect in the background"
sauce-connect/bin/sc -u $SAUCE_USERNAME -k $SAUCE_ACCESS_KEY $ARGS \
--logfile $CONNECT_LOG &
+16
View File
@@ -0,0 +1,16 @@
#!/bin/bash
set -e -o pipefail
echo "Shutting down Sauce Connect tunnel"
killall sc
while [[ -n `ps -ef | grep "sauce-connect-" | grep -v "grep"` ]]; do
printf "."
sleep .5
done
echo ""
echo "Sauce Connect tunnel has been shut down"
+3 -3
View File
@@ -65,7 +65,7 @@ var getCodeName = function(tagName) {
/**
* Compute a build segment for the version, from the CI build number and current commit SHA
* Compute a build segment for the version, from the Jenkins build number and current commit SHA
* @return {String} The build segment of the version
*/
function getBuild() {
@@ -189,7 +189,7 @@ var getSnapshotVersion = function() {
// We need to clone to ensure that we are not modifying another version
version = semver(version.raw);
var ciBuild = process.env.CIRCLE_BUILD_NUM || process.env.BUILD_NUMBER;
var jenkinsBuild = process.env.TRAVIS_BUILD_NUMBER || process.env.BUILD_NUMBER;
if (!version.prerelease || !version.prerelease.length) {
// last release was a non beta release. Increment the patch level to
// indicate the next release that we will be doing.
@@ -203,7 +203,7 @@ var getSnapshotVersion = function() {
// as this is bigger than 1.3.0-beta.2 according to semver
version.patch++;
}
version.prerelease = ciBuild ? ['build', ciBuild] : ['local'];
version.prerelease = jenkinsBuild ? ['build', jenkinsBuild] : ['local'];
version.build = getBuild();
version.codeName = 'snapshot';
version.isSnapshot = true;
+24 -28
View File
@@ -1,16 +1,16 @@
{
"name": "angular",
"license": "MIT",
"branchVersion": "^1.8.0",
"branchPattern": "1.8.*",
"distTag": "next",
"branchVersion": "^1.7.0",
"branchPattern": "1.7.*",
"distTag": "previous_1_7",
"repository": {
"type": "git",
"url": "https://github.com/angular/angular.js.git"
},
"engines": {
"node": ">=12.14.1",
"yarn": ">=1.21.1",
"node": ">=8.12.0",
"yarn": ">=1.10.1",
"grunt-cli": "^1.2.0"
},
"scripts": {
@@ -22,12 +22,12 @@
"angular-benchpress": "0.x.x",
"benchmark": "1.x.x",
"bootstrap": "3.1.1",
"browserstacktunnel-wrapper": "2.0.4",
"browserstacktunnel-wrapper": "2.0.0",
"canonical-path": "0.0.2",
"changez": "^2.1.1",
"changez-angular": "^2.1.2",
"cheerio": "^0.17.0",
"commitizen": "^4.2.4",
"commitizen": "^2.3.0",
"commitplease": "^2.7.10",
"cross-spawn": "^4.0.0",
"cz-conventional-changelog": "1.1.4",
@@ -35,10 +35,9 @@
"dgeni-packages": "^0.26.5",
"eslint-plugin-promise": "^3.6.0",
"event-stream": "~3.1.0",
"firebase-tools": "^9.3.0",
"glob": "^6.0.1",
"google-code-prettify": "1.0.1",
"grunt": "^1.4.1",
"grunt": "^1.0.1",
"grunt-bump": "^0.8.0",
"grunt-cli": "^1.2.0",
"grunt-contrib-clean": "^1.0.0",
@@ -55,28 +54,28 @@
"gulp-foreach": "0.0.1",
"gulp-rename": "^1.2.0",
"gulp-sourcemaps": "^1.2.2",
"gulp-uglify": "^3.0.2",
"gulp-uglify": "^1.0.1",
"gulp-util": "^3.0.1",
"jasmine-core": "^2.8.0",
"jasmine-node": "^2.0.0",
"jasmine-reporters": "^2.2.0",
"jquery": "3.5.1",
"jquery": "3.4.0",
"jquery-2.1": "npm:jquery@2.1.4",
"jquery-2.2": "npm:jquery@2.2.4",
"karma": "4.4.1",
"karma-browserstack-launcher": "1.5.1",
"karma-chrome-launcher": "3.1.0",
"karma-edge-launcher": "0.4.2",
"karma-firefox-launcher": "1.2.0",
"karma-ie-launcher": "1.0.0",
"karma": "^3.1.4",
"karma-browserstack-launcher": "^1.3.0",
"karma-chrome-launcher": "^2.2.0",
"karma-edge-launcher": "^0.4.2",
"karma-firefox-launcher": "^1.1.0",
"karma-ie-launcher": "^1.0.0",
"karma-jasmine": "^1.1.2",
"karma-junit-reporter": "2.0.1",
"karma-safari-launcher": "1.0.0",
"karma-sauce-launcher": "2.0.2",
"karma-script-launcher": "1.0.0",
"karma-spec-reporter": "0.0.32",
"karma-junit-reporter": "^1.2.0",
"karma-safari-launcher": "^1.0.0",
"karma-sauce-launcher": "^2.0.2",
"karma-script-launcher": "^1.0.0",
"karma-spec-reporter": "^0.0.32",
"load-grunt-tasks": "^3.5.0",
"lodash": "~4.17.21",
"lodash": "~2.4.1",
"log4js": "^0.6.27",
"lunr": "^0.7.2",
"marked": "~0.3.0",
@@ -84,12 +83,11 @@
"npm-run": "^4.1.0",
"open-sans-fontface": "^1.4.0",
"promises-aplus-tests": "~2.1.0",
"protractor": "^7.0.0",
"protractor": "^5.4.1",
"q": "~1.0.0",
"q-io": "^1.10.9",
"qq": "^0.3.5",
"rewire": "~2.1.0",
"sauce-connect": "https://saucelabs.com/downloads/sc-4.6.2-linux.tar.gz",
"sax": "^1.1.1",
"selenium-webdriver": "^4.0.0-alpha.1",
"semver": "^5.4.1",
@@ -104,9 +102,7 @@
"resolutions": {
"//1": "`natives@1.1.0` does not work with Node.js 10.x on Windows 10",
"//2": "(E.g. see https://github.com/gulpjs/gulp/issues/2162 and https://github.com/nodejs/node/issues/25132.)",
"natives": "1.1.6",
"//3": "`graceful-fs` needs to be pinned to support gulp 3, on Node v12+",
"graceful-fs": "^4.2.3"
"natives": "1.1.6"
},
"commitplease": {
"style": "angular",
-44
View File
@@ -1,44 +0,0 @@
'use strict';
var config = require('./protractor-shared-conf').config;
// Using SauceLabs.
config.capabilities = undefined;
config.sauceUser = process.env.SAUCE_USERNAME;
config.sauceKey = process.env.SAUCE_ACCESS_KEY;
config.multiCapabilities = [
capabilitiesForSauceLabs({
browserName: 'chrome',
platform: 'OS X 10.15',
version: '91'
}),
capabilitiesForSauceLabs({
browserName: 'firefox',
platform: 'OS X 10.15',
version: '85'
})
];
config.allScriptsTimeout = 30000;
config.getPageTimeout = 30000;
exports.config = config;
function capabilitiesForSauceLabs(capabilities) {
return {
'tunnel-identifier': process.env.SAUCE_TUNNEL_IDENTIFIER,
'name': 'AngularJS E2E',
'build': `${process.env.CIRCLE_BUILD_NUM}-${process.env.CIRCLE_NODE_INDEX}`,
'browserName': capabilities.browserName,
'platform': capabilities.platform,
'version': capabilities.version,
'elementScrollBehavior': 1,
// Allow e2e test sessions to run for a maximum of 40 minutes, instead of the default 30 minutes.
'maxDuration': 2400
};
}
+42
View File
@@ -0,0 +1,42 @@
'use strict';
exports.config = {
allScriptsTimeout: 11000,
specs: [
'test/e2e/tests/**/*.js',
'build/docs/ptore2e/**/*.js',
'docs/app/e2e/*.scenario.js'
],
capabilities: {
'browserName': 'chrome'
},
baseUrl: 'http://localhost:8000/',
framework: 'jasmine2',
onPrepare: function() {
/* global angular: false, browser: false, jasmine: false */
// Disable animations so e2e tests run more quickly
var disableNgAnimate = function() {
angular.module('disableNgAnimate', []).run(['$animate', function($animate) {
$animate.enabled(false);
}]);
};
browser.addMockModule('disableNgAnimate', disableNgAnimate);
var reporters = require('jasmine-reporters');
jasmine.getEnv().addReporter(new reporters.JUnitXmlReporter({
savePath: 'test_out/docs-e2e-' + exports.config.capabilities.browserName + '-'
}));
},
jasmineNodeOpts: {
defaultTimeoutInterval: 30000,
showColors: false
}
};
+86
View File
@@ -0,0 +1,86 @@
'use strict';
var config = require('./protractor-shared-conf').config;
if (process.env.BROWSER_PROVIDER === 'browserstack') {
// Using BrowserStack.
config.seleniumAddress = 'http://hub.browserstack.com/wd/hub';
config.multiCapabilities = [
capabilitiesForBrowserStack({
browserName: 'chrome',
platform: 'MAC',
version: '49'
}),
capabilitiesForBrowserStack({
browserName: 'firefox',
version: '47'
}),
capabilitiesForBrowserStack({
browserName: 'safari',
platform: 'MAC',
version: '9'
})
];
} else {
// Using SauceLabs.
config.sauceUser = process.env.SAUCE_USERNAME;
config.sauceKey = process.env.SAUCE_ACCESS_KEY;
config.multiCapabilities = [
capabilitiesForSauceLabs({
browserName: 'chrome',
platform: 'OS X 10.11',
version: '48'
}),
capabilitiesForSauceLabs({
browserName: 'firefox',
version: '47'
}),
capabilitiesForSauceLabs({
browserName: 'safari',
platform: 'OS X 10.11',
version: '9'
})
];
}
config.allScriptsTimeout = 30000;
config.getPageTimeout = 30000;
exports.config = config;
function capabilitiesForBrowserStack(capabilities) {
return {
'browserstack.user': process.env.BROWSER_STACK_USERNAME,
'browserstack.key': process.env.BROWSER_STACK_ACCESS_KEY,
'browserstack.local': 'true',
'browserstack.debug': 'true',
'browserstack.tunnelIdentifier': process.env.TRAVIS_JOB_NUMBER,
'tunnelIdentifier': process.env.TRAVIS_JOB_NUMBER,
'name': 'AngularJS E2E',
'build': process.env.TRAVIS_BUILD_NUMBER,
'browserName': capabilities.browserName,
'platform': capabilities.platform,
'version': capabilities.version,
'elementScrollBehavior': 1
};
}
function capabilitiesForSauceLabs(capabilities) {
return {
'tunnel-identifier': process.env.TRAVIS_JOB_NUMBER,
'name': 'AngularJS E2E',
'build': process.env.TRAVIS_BUILD_NUMBER,
'browserName': capabilities.browserName,
'platform': capabilities.platform,
'version': capabilities.version,
'elementScrollBehavior': 1,
// Allow e2e test sessions to run for a maximum of 35 minutes, instead of the default 30 minutes.
'maxDuration': 2100
};
}
+1
View File
@@ -1,6 +1,7 @@
#!/bin/bash
# Tags a release
# so that travis can do the actual release.
echo "#################################"
echo "## Tag angular.js for a release #"
@@ -1,9 +1,9 @@
'use strict';
const functions = require('firebase-functions');
const {Storage} = require('@google-cloud/storage');
const gcs = require('@google-cloud/storage')();
const path = require('path');
const storage = new Storage();
const gcsBucketId = `${process.env.GCLOUD_PROJECT}.appspot.com`;
const BROWSER_CACHE_DURATION = 60 * 10;
@@ -23,7 +23,7 @@ function sendStoredFile(request, response) {
const version = filePathSegments[0];
const isDocsPath = filePathSegments[1] === 'docs';
const lastSegment = filePathSegments[filePathSegments.length - 1];
const bucket = storage.bucket(gcsBucketId);
const bucket = gcs.bucket(gcsBucketId);
let downloadSource;
let fileName;
@@ -40,13 +40,13 @@ function sendStoredFile(request, response) {
return getDirectoryListing('/').catch(sendErrorResponse);
}
downloadSource = filePathSegments.join('/');
downloadSource = path.join.apply(null, filePathSegments);
downloadAndSend(downloadSource).catch(error => {
if (isDocsPath && error.code === 404) {
fileName = 'index.html';
filePathSegments = [version, 'docs', fileName];
downloadSource = filePathSegments.join('/');
downloadSource = path.join.apply(null, filePathSegments);
return downloadAndSend(downloadSource);
}
@@ -199,12 +199,12 @@ const snapshotRegex = /^snapshot(-stable)?\//;
* When a new zip file is uploaded into snapshot or snapshot-stable,
* delete the previous zip file.
*/
function deleteOldSnapshotZip(object) {
function deleteOldSnapshotZip(object, context) {
const bucketId = object.bucket;
const filePath = object.name;
const contentType = object.contentType;
const bucket = storage.bucket(bucketId);
const bucket = gcs.bucket(bucketId);
const snapshotFolderMatch = filePath.match(snapshotRegex);
File diff suppressed because it is too large Load Diff
@@ -2,12 +2,12 @@
"name": "functions-firebase-code.angularjs.org",
"description": "Cloud Functions to serve files from gcs to code.angularjs.org",
"engines": {
"node": "14"
"node": "8"
},
"dependencies": {
"@google-cloud/storage": "^5.8.5",
"firebase-admin": "^9.9.0",
"firebase-functions": "^3.14.1"
"@google-cloud/storage": "^4.7.0",
"firebase-admin": "^8.10.0",
"firebase-functions": "^3.6.0"
},
"private": true
}
File diff suppressed because it is too large Load Diff
@@ -1,15 +1,15 @@
Firebase for code.angularjs.org
===============================
This folder contains the Google Firebase scripts for the `code.angularjs.org` setup.
This folder contains the Google Firebase scripts for the code.angularjs.org setup.
`firebase.json` contains the rewrite rules that route every subdirectory request to the cloud function in `functions/index.js` that serves the docs from the Firebase Google Cloud Storage bucket.
firebase.json contains the rewrite rules that route every subdirectory request to the cloud function
in functions/index.js that serves the docs from the Firebase Google Cloud Storage bucket.
`functions/index.js` also contains a rule that deletes outdated build zip files from the snapshot and snapshot-stable folders when new zip files are uploaded.
functions/index.js also contains a rule that deletes outdated build zip files
from the snapshot and snapshot-stable folders when new zip files are uploaded.
See `/scripts/docs.angularjs.org-firebase/readme.firebase.code.md` for the Firebase deployment to `docs.angularjs.org`.
The deployment to the Google Cloud Storage bucket happens automatically via Travis. See the travis.yml
file in the repository root.
# Continuous integration
The code is deployed to Google Firebase hosting and functions as well as to the Google Cloud Storage bucket automatically via CI.
See `.circleci/config.yml` for the complete deployment config and build steps.
See /readme.firebase.docs.md for the firebase deployment to docs.angularjs.org
+1 -1
View File
@@ -63,7 +63,7 @@ function _update_code() {
function publish {
# publish updates the code.angularjs.org Github repository
# the deployment to Firebase happens via CI
# the deployment to Firebase happens via Travis
_update_code
}
@@ -1,6 +1,6 @@
{
"hosting": {
"public": "deploy",
"public": "../../deploy/docs",
"redirects": [
{
"source": "/error/:namespace\\::error*",
File diff suppressed because it is too large Load Diff
@@ -1,24 +1,21 @@
{
"name": "functions",
"description": "Cloud Functions for Firebase",
"engines": {
"node": "14"
},
"scripts": {
"lint": "eslint .",
"serve": "firebase emulators:start --only functions",
"shell": "firebase functions:shell",
"serve": "firebase serve --only functions",
"shell": "firebase experimental:functions:shell",
"start": "npm run shell",
"deploy": "firebase deploy --only functions",
"logs": "firebase functions:log"
},
"dependencies": {
"firebase-admin": "^9.9.0",
"firebase-functions": "^3.14.1"
"firebase-admin": "^8.10.0",
"firebase-functions": "^3.6.0"
},
"devDependencies": {
"eslint": "^7.28.0",
"eslint-plugin-promise": "^5.1.0"
"eslint": "^4.12.0",
"eslint-plugin-promise": "^3.6.0"
},
"private": true
}
File diff suppressed because it is too large Load Diff
@@ -1,26 +1,23 @@
Firebase for docs.angularjs.org
===============================
This folder contains the Google Firebase scripts for the `docs.angularjs.org` setup.
See `/scripts/code.angularjs.org-firebase/readme.firebase.code.md` for the Firebase deployment to `code.angularjs.org`.
# Continuous integration
The docs are deployed to Google Firebase hosting and functions automatically via CI.
The docs are deployed to Google Firebase hosting via Travis deployment config, which expects
firebase.json in the repository root, which is done by a Grunt task (firebaseDocsJsonForTravis)
that modifies the paths in the firebase.json and copies it into the repository root.
See `.circleci/config.yml` for the complete deployment config and build steps.
See travis.yml for the complete deployment config, and scripts/travis/build.sh for the full deployment
build steps.
# Serving locally:
- Run `cd scripts/docs.angularjs.org-firebase`.
This changes the current working directory.
- Run `grunt:prepareDeploy`.
This copies docs content files into deploy/docs and the partials for Search Engine AJAX
Crawling into ./functions/content.
- Run `yarn grunt package`.
This builds the files that will be deployed.
- Run `firebase serve --only functions,hosting`
Creates a server at localhost:5000 that serves from deploy/docs and uses the local function
- Run `yarn grunt prepareDeploy`.
This copies docs content files into `./deploy` and the partials for Search Engine AJAX Crawling into `./functions/content`.
- Run `$(yarn bin)/firebase emulators:start` (or `..\..\node_modules\.bin\firebase emulators:start` on Windows).
Creates a server at http://localhost:5000 that serves from `./deploy` and uses the local function.
See /scripts/code.angularjs.org-firebase/readme.firebase.code.md for the firebase deployment to
code.angularjs.org
+44
View File
@@ -0,0 +1,44 @@
#!/bin/bash
echo "#################################"
echo "#### Jenkins Build ############"
echo "#################################"
source scripts/jenkins/init-node.sh
# Enable tracing and exit on first failure
set -xe
# This is the default set of browsers to use on the CI server unless overridden via env variable
if [[ -z "$BROWSERS" ]]
then
BROWSERS="Chrome"
fi
# CLEAN #
rm -f angular.min.js.gzip.size
rm -f angular.js.size
# BUILD #
yarn grunt ci-checks package --no-color
mkdir -p test_out
# UNIT TESTS #
yarn grunt test:unit --browsers="$BROWSERS" --reporters=dots,junit --no-colors --no-color
# END TO END TESTS #
yarn grunt test:ci-protractor
# DOCS APP TESTS #
yarn grunt test:docs --browsers="$BROWSERS" --reporters=dots,junit --no-colors --no-color
# Promises/A+ TESTS #
yarn grunt test:promises-aplus --no-color
# CHECK SIZE #
gzip -c < build/angular.min.js > build/angular.min.js.gzip
echo "YVALUE=`ls -l build/angular.min.js | cut -d" " -f 8`" > angular.min.js.size
echo "YVALUE=`ls -l build/angular.min.js.gzip | cut -d" " -f 8`" > angular.min.js.gzip.size
+18
View File
@@ -0,0 +1,18 @@
#!/bin/bash
# Install nvm for this shell
source ~/.nvm/nvm.sh
# Use version of node.js found in .nvmrc
nvm install
# clean out and install yarn
rm -rf ~/.yarn
curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version 1.10.1
export PATH="$HOME/.yarn/bin:$PATH"
# Ensure that we have the local dependencies installed
yarn install
echo testing grunt version
yarn grunt --version
+38
View File
@@ -0,0 +1,38 @@
#!/bin/bash
echo "#################################"
echo "#### Update master ##############"
echo "#################################"
ARG_DEFS=()
function init {
if [[ ! $VERBOSE ]]; then
VERBOSE=false
fi
VERBOSE_ARG="--verbose=$VERBOSE"
}
function build {
cd ../..
scripts/jenkins/build.sh
cd $SCRIPT_DIR
}
function phase {
ACTION_ARG="--action=$1"
../code.angularjs.org/publish.sh $ACTION_ARG $VERBOSE_ARG
../bower/publish.sh $ACTION_ARG $VERBOSE_ARG
}
function run {
build
# First prepare all scripts (build, test, commit, tag, ...),
# so we are sure everything is all right
phase prepare
# only then publish to github
phase publish
}
source $(dirname $0)/../utils.inc
@@ -36,6 +36,7 @@ function init {
function build {
cd ../..
source scripts/jenkins/init-node.sh
yarn grunt ci-checks package --no-color
cd $SCRIPT_DIR
@@ -64,4 +65,4 @@ function run {
phase publish
}
source $(dirname $0)/../utils.inc
source $(dirname $0)/../utils.inc
@@ -38,4 +38,4 @@ function run {
phase publish
}
source $(dirname $0)/../utils.inc
source $(dirname $0)/../utils.inc
+28
View File
@@ -0,0 +1,28 @@
#!/bin/bash
set -e
mkdir -p "$LOGS_DIR"
if [ "$JOB" != "ci-checks" ]; then
echo "start_browser_provider"
./scripts/travis/start_browser_provider.sh
fi
# ci-checks and unit tests do not run against the packaged code
if [[ "$JOB" != "ci-checks" ]] && [[ "$JOB" != unit-* ]]; then
yarn grunt package
fi
# unit runs the docs tests too which need a built version of the code
if [[ "$JOB" = unit-* ]]; then
yarn grunt validate-angular-files
yarn grunt build
fi
# check this after the package, because at this point the browser_provider
# has probably arrived
if [ "$JOB" != "ci-checks" ]; then
echo "wait_for_browser_provider"
./scripts/travis/wait_for_browser_provider.sh
fi
+114
View File
@@ -0,0 +1,114 @@
#!/bin/bash
set -e
readonly THIS_DIR=$(cd $(dirname ${BASH_SOURCE[0]}); pwd)
readonly ROOT_DIR="$THIS_DIR/../.."
export BROWSER_STACK_ACCESS_KEY
export SAUCE_ACCESS_KEY
BROWSER_STACK_ACCESS_KEY=$(echo "$BROWSER_STACK_ACCESS_KEY" | rev)
SAUCE_ACCESS_KEY=$(echo "$SAUCE_ACCESS_KEY" | rev)
# The currently latest-1 version of desktop Safari on Saucelabs (v12.0) is unstable and disconnects
# consistently. The latest version (v12.1) works fine.
# TODO: Add `SL_Safari-1` back, once it no longer corresponds to v12.0.
BROWSERS="SL_Chrome,SL_Chrome-1,\
SL_Firefox,SL_Firefox-1,\
SL_Safari,\
SL_iOS,SL_iOS-1,\
SL_IE_9,SL_IE_10,SL_IE_11,\
SL_EDGE,SL_EDGE-1"
case "$JOB" in
"ci-checks")
grunt ci-checks
if [[ $TRAVIS_PULL_REQUEST != 'false' ]]; then
# validate commit messages of all commits in the PR
# convert commit range to 2 dots, as commitplease uses `git log`.
# See https://github.com/travis-ci/travis-ci/issues/4596 for more info
echo "Validate commit messages in PR:"
yarn run commitplease "${TRAVIS_COMMIT_RANGE/.../..}"
fi
;;
"unit-core")
grunt test:promises-aplus
grunt test:jqlite --browsers="$BROWSERS" --reporters=spec
;;
"unit-jquery")
grunt test:jquery --browsers="$BROWSERS" --reporters=spec
grunt test:jquery-2.2 --browsers="$BROWSERS" --reporters=spec
grunt test:jquery-2.1 --browsers="$BROWSERS" --reporters=spec
;;
"unit-modules")
grunt test:modules --browsers="$BROWSERS" --reporters=spec
;;
"docs-app")
grunt tests:docs --browsers="$BROWSERS" --reporters=spec
grunt test:travis-protractor --specs="docs/app/e2e/**/*.scenario.js"
;;
"e2e")
if [[ $TEST_TARGET == jquery* ]]; then
export USE_JQUERY=1
fi
if [[ "$TEST_TARGET" == jquery* ]]; then
TARGET_SPECS="build/docs/ptore2e/**/jquery_test.js"
else
TARGET_SPECS="build/docs/ptore2e/**/default_test.js"
fi
TARGET_SPECS="test/e2e/tests/**/*.js,$TARGET_SPECS"
grunt test:travis-protractor --specs="$TARGET_SPECS"
;;
"deploy")
export DEPLOY_DOCS
export DEPLOY_CODE
DIST_TAG=$( jq ".distTag" "package.json" | tr -d "\"[:space:]" )
# upload docs if the branch distTag from package.json is "latest" (i.e. stable branch)
if [[ "$DIST_TAG" == latest ]]; then
DEPLOY_DOCS=true
else
DEPLOY_DOCS=false
fi
# upload the build (code + docs) if ...
# the commit is tagged
# - or the branch is "master"
# - or the branch distTag from package.json is "latest" (i.e. stable branch)
if [[ "$TRAVIS_TAG" != '' || "$TRAVIS_BRANCH" == master || "$DIST_TAG" == latest ]]; then
DEPLOY_CODE=true
else
DEPLOY_CODE=false
fi
if [[ "$DEPLOY_DOCS" == true || "$DEPLOY_CODE" == true ]]; then
grunt prepareDeploy
if [[ "$DEPLOY_DOCS" == true ]]; then
# Install npm dependencies for Firebase functions.
(
cd "$ROOT_DIR/scripts/docs.angularjs.org-firebase/functions"
npm install
)
fi
else
echo "Skipping deployment build because conditions have not been met."
fi
;;
*)
echo "Unknown job type. Please set JOB to one of\
'ci-checks',\
'unit-core',\
'unit-jquery',\
'unit-modules',\
'docs-app',\
'e2e',\
or\
'deploy'."
;;
esac
+11
View File
@@ -0,0 +1,11 @@
#!/bin/bash
LOG_FILES=$LOGS_DIR/*
for FILE in $LOG_FILES; do
echo -e "\n\n\n"
echo "================================================================================"
echo " $FILE"
echo "================================================================================"
cat $FILE || true
done
+14
View File
@@ -0,0 +1,14 @@
#!/bin/bash
# Has to be run from project root directory.
if [ "$BROWSER_PROVIDER" == "browserstack" ]; then
echo "Using BrowserStack"
elif [ "$BROWSER_PROVIDER" == "saucelabs" ]; then
echo "Using SauceLabs"
else
echo "Invalid BROWSER_PROVIDER. Please set env var BROWSER_PROVIDER to 'saucelabs' or 'browserstack'."
exit 1
fi
./lib/${BROWSER_PROVIDER}/start_tunnel.sh
+4
View File
@@ -0,0 +1,4 @@
#!/bin/bash
# Has to be run from project root directory.
./lib/${BROWSER_PROVIDER}/teardown_tunnel.sh
+19
View File
@@ -0,0 +1,19 @@
#!/bin/bash
# Wait for Connect to be ready before exiting
# Time out if we wait for more than 2 minutes, so that we can print logs.
let "counter=0"
while [ ! -f $BROWSER_PROVIDER_READY_FILE ]; do
let "counter++"
if [ $counter -gt 240 ]; then
echo "Timed out after 2 minutes waiting for browser provider ready file"
# We must manually print logs here because travis will not run
# after_script commands if the failure occurs before the script
# phase.
./scripts/travis/print_logs.sh
exit 5
fi
sleep .5
done
-1
View File
@@ -100,7 +100,6 @@
"VALIDITY_STATE_PROPERTY": false,
"reloadWithDebugInfo": false,
"stringify": false,
"UNSAFE_restoreLegacyJqLiteXHTMLReplacement": false,
"NODE_TYPE_ELEMENT": false,
"NODE_TYPE_ATTRIBUTE": false,
+1 -22
View File
@@ -93,7 +93,6 @@
hasOwnProperty,
createMap,
stringify,
UNSAFE_restoreLegacyJqLiteXHTMLReplacement,
NODE_TYPE_ELEMENT,
NODE_TYPE_ATTRIBUTE,
@@ -1532,7 +1531,7 @@ function allowAutoBootstrap(document) {
link.href = src.value;
if (document.location.origin === link.origin) {
// Same-origin resources are always allowed, even for banned URL schemes.
// Same-origin resources are always allowed, even for non-whitelisted schemes.
return true;
}
// Disabled bootstrapping unless angular.js was loaded from a known scheme used on the web.
@@ -1950,26 +1949,6 @@ function bindJQuery() {
bindJQueryFired = true;
}
/**
* @ngdoc function
* @name angular.UNSAFE_restoreLegacyJqLiteXHTMLReplacement
* @module ng
* @kind function
*
* @description
* Restores the pre-1.8 behavior of jqLite that turns XHTML-like strings like
* `<div /><span />` to `<div></div><span></span>` instead of `<div><span></span></div>`.
* The new behavior is a security fix. Thus, if you need to call this function, please try to adjust
* your code for this change and remove your use of this function as soon as possible.
* Note that this only patches jqLite. If you use jQuery 3.5.0 or newer, please read the
* [jQuery 3.5 upgrade guide](https://jquery.com/upgrade-guide/3.5/) for more details
* about the workarounds.
*/
function UNSAFE_restoreLegacyJqLiteXHTMLReplacement() {
JQLite.legacyXHTMLReplacement = true;
}
/**
* throw error if the argument is falsy.
*/
-1
View File
@@ -156,7 +156,6 @@ function publishExternalAPI(angular) {
'callbacks': {$$counter: 0},
'getTestability': getTestability,
'reloadWithDebugInfo': reloadWithDebugInfo,
'UNSAFE_restoreLegacyJqLiteXHTMLReplacement': UNSAFE_restoreLegacyJqLiteXHTMLReplacement,
'$$minErr': minErr,
'$$csp': csp,
'$$encodeUriSegment': encodeUriSegment,
+1 -1
View File
@@ -1,6 +1,6 @@
/**
* @license AngularJS v"NG_VERSION_FULL"
* (c) 2010-2020 Google LLC. http://angularjs.org
* (c) 2010-2020 Google, Inc. http://angularjs.org
* License: MIT
*/
(function(window) {
+15 -58
View File
@@ -90,16 +90,6 @@
* - [`val()`](http://api.jquery.com/val/)
* - [`wrap()`](http://api.jquery.com/wrap/)
*
* jqLite also provides a method restoring pre-1.8 insecure treatment of XHTML-like tags.
* This legacy behavior turns input like `<div /><span />` to `<div></div><span></span>`
* instead of `<div><span></span></div>` like version 1.8 & newer do. To restore it, invoke:
* ```js
* angular.UNSAFE_restoreLegacyJqLiteXHTMLReplacement();
* ```
* Note that this only patches jqLite. If you use jQuery 3.5.0 or newer, please read the
* [jQuery 3.5 upgrade guide](https://jquery.com/upgrade-guide/3.5/) for more details
* about the workarounds.
*
* ## jQuery/jqLite Extras
* AngularJS also provides the following additional methods and events to both jQuery and jqLite:
*
@@ -179,36 +169,20 @@ var HTML_REGEXP = /<|&#?\w+;/;
var TAG_NAME_REGEXP = /<([\w:-]+)/;
var XHTML_TAG_REGEXP = /<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:-]+)[^>]*)\/>/gi;
// Table parts need to be wrapped with `<table>` or they're
// stripped to their contents when put in a div.
// XHTML parsers do not magically insert elements in the
// same way that tag soup parsers do, so we cannot shorten
// this by omitting <tbody> or other required elements.
var wrapMap = {
thead: ['table'],
col: ['colgroup', 'table'],
tr: ['tbody', 'table'],
td: ['tr', 'tbody', 'table']
'option': [1, '<select multiple="multiple">', '</select>'],
'thead': [1, '<table>', '</table>'],
'col': [2, '<table><colgroup>', '</colgroup></table>'],
'tr': [2, '<table><tbody>', '</tbody></table>'],
'td': [3, '<table><tbody><tr>', '</tr></tbody></table>'],
'_default': [0, '', '']
};
wrapMap.optgroup = wrapMap.option;
wrapMap.tbody = wrapMap.tfoot = wrapMap.colgroup = wrapMap.caption = wrapMap.thead;
wrapMap.th = wrapMap.td;
// Support: IE <10 only
// IE 9 requires an option wrapper & it needs to have the whole table structure
// set up in advance; assigning `"<td></td>"` to `tr.innerHTML` doesn't work, etc.
var wrapMapIE9 = {
option: [1, '<select multiple="multiple">', '</select>'],
_default: [0, '', '']
};
for (var key in wrapMap) {
var wrapMapValueClosing = wrapMap[key];
var wrapMapValue = wrapMapValueClosing.slice().reverse();
wrapMapIE9[key] = [wrapMapValue.length, '<' + wrapMapValue.join('><') + '>', '</' + wrapMapValueClosing.join('></') + '>'];
}
wrapMapIE9.optgroup = wrapMapIE9.option;
function jqLiteIsTextNode(html) {
return !HTML_REGEXP.test(html);
@@ -229,7 +203,7 @@ function jqLiteHasData(node) {
}
function jqLiteBuildFragment(html, context) {
var tmp, tag, wrap, finalHtml,
var tmp, tag, wrap,
fragment = context.createDocumentFragment(),
nodes = [], i;
@@ -240,30 +214,13 @@ function jqLiteBuildFragment(html, context) {
// Convert html into DOM nodes
tmp = fragment.appendChild(context.createElement('div'));
tag = (TAG_NAME_REGEXP.exec(html) || ['', ''])[1].toLowerCase();
finalHtml = JQLite.legacyXHTMLReplacement ?
html.replace(XHTML_TAG_REGEXP, '<$1></$2>') :
html;
wrap = wrapMap[tag] || wrapMap._default;
tmp.innerHTML = wrap[1] + html.replace(XHTML_TAG_REGEXP, '<$1></$2>') + wrap[2];
if (msie < 10) {
wrap = wrapMapIE9[tag] || wrapMapIE9._default;
tmp.innerHTML = wrap[1] + finalHtml + wrap[2];
// Descend through wrappers to the right content
i = wrap[0];
while (i--) {
tmp = tmp.firstChild;
}
} else {
wrap = wrapMap[tag] || [];
// Create wrappers & descend into them
i = wrap.length;
while (--i > -1) {
tmp.appendChild(window.document.createElement(wrap[i]));
tmp = tmp.firstChild;
}
tmp.innerHTML = finalHtml;
// Descend through wrappers to the right content
i = wrap[0];
while (i--) {
tmp = tmp.lastChild;
}
nodes = concat(nodes, tmp.childNodes);
+1 -1
View File
@@ -1,6 +1,6 @@
/**
* @license AngularJS v"NG_VERSION_FULL"
* (c) 2010-2020 Google LLC. http://angularjs.org
* (c) 2010-2020 Google, Inc. http://angularjs.org
* License: MIT
*/
'use strict';
+1 -1
View File
@@ -1,6 +1,6 @@
/**
* @license AngularJS v"NG_VERSION_FULL"
* (c) 2010-2020 Google LLC. http://angularjs.org
* (c) 2010-2020 Google, Inc. http://angularjs.org
* License: MIT
*/
(function(window, angular) {
+30 -72
View File
@@ -1106,8 +1106,8 @@
*
* Based on the context, other options may exist to mark a value as trusted / configure the behavior
* of {@link ng.$sce}. For example, to restrict the `RESOURCE_URL` context to specific origins, use
* the {@link $sceDelegateProvider#trustedResourceUrlList trustedResourceUrlList()}
* and {@link $sceDelegateProvider#bannedResourceUrlList bannedResourceUrlList()}.
* the {@link $sceDelegateProvider#resourceUrlWhitelist resourceUrlWhitelist()}
* and {@link $sceDelegateProvider#resourceUrlBlacklist resourceUrlBlacklist()}.
*
* {@link ng.$sce#what-trusted-context-types-are-supported- Find out more about the different context types}.
*
@@ -1116,7 +1116,7 @@
* By default, `$sce` will throw an error if it detects untrusted HTML content, and will not bind the
* content.
* However, if you include the {@link ngSanitize ngSanitize module}, it will try to sanitize the
* potentially dangerous HTML, e.g. strip non-trusted tags and attributes when binding to
* potentially dangerous HTML, e.g. strip non-whitelisted tags and attributes when binding to
* `innerHTML`.
*
* @example
@@ -1698,81 +1698,30 @@ function $CompileProvider($provide, $$sanitizeUriProvider) {
/**
* @ngdoc method
* @name $compileProvider#aHrefSanitizationTrustedUrlList
* @name $compileProvider#aHrefSanitizationWhitelist
* @kind function
*
* @description
* Retrieves or overrides the default regular expression that is used for determining trusted safe
* Retrieves or overrides the default regular expression that is used for whitelisting of safe
* urls during a[href] sanitization.
*
* The sanitization is a security measure aimed at preventing XSS attacks via html links.
*
* Any url about to be assigned to a[href] via data-binding is first normalized and turned into
* an absolute url. Afterwards, the url is matched against the `aHrefSanitizationTrustedUrlList`
* an absolute url. Afterwards, the url is matched against the `aHrefSanitizationWhitelist`
* regular expression. If a match is found, the original url is written into the dom. Otherwise,
* the absolute url is prefixed with `'unsafe:'` string and only then is it written into the DOM.
*
* @param {RegExp=} regexp New regexp to trust urls with.
* @param {RegExp=} regexp New regexp to whitelist urls with.
* @returns {RegExp|ng.$compileProvider} Current RegExp if called without value or self for
* chaining otherwise.
*/
this.aHrefSanitizationTrustedUrlList = function(regexp) {
this.aHrefSanitizationWhitelist = function(regexp) {
if (isDefined(regexp)) {
$$sanitizeUriProvider.aHrefSanitizationTrustedUrlList(regexp);
$$sanitizeUriProvider.aHrefSanitizationWhitelist(regexp);
return this;
} else {
return $$sanitizeUriProvider.aHrefSanitizationTrustedUrlList();
}
};
/**
* @ngdoc method
* @name $compileProvider#aHrefSanitizationWhitelist
* @kind function
*
* @deprecated
* sinceVersion="1.8.1"
*
* This method is deprecated. Use {@link $compileProvider#aHrefSanitizationTrustedUrlList
* aHrefSanitizationTrustedUrlList} instead.
*/
Object.defineProperty(this, 'aHrefSanitizationWhitelist', {
get: function() {
return this.aHrefSanitizationTrustedUrlList;
},
set: function(value) {
this.aHrefSanitizationTrustedUrlList = value;
}
});
/**
* @ngdoc method
* @name $compileProvider#imgSrcSanitizationTrustedUrlList
* @kind function
*
* @description
* Retrieves or overrides the default regular expression that is used for determining trusted safe
* urls during img[src] sanitization.
*
* The sanitization is a security measure aimed at prevent XSS attacks via html links.
*
* Any url about to be assigned to img[src] via data-binding is first normalized and turned into
* an absolute url. Afterwards, the url is matched against the `imgSrcSanitizationTrustedUrlList`
* regular expression. If a match is found, the original url is written into the dom. Otherwise,
* the absolute url is prefixed with `'unsafe:'` string and only then is it written into the DOM.
*
* @param {RegExp=} regexp New regexp to trust urls with.
* @returns {RegExp|ng.$compileProvider} Current RegExp if called without value or self for
* chaining otherwise.
*/
this.imgSrcSanitizationTrustedUrlList = function(regexp) {
if (isDefined(regexp)) {
$$sanitizeUriProvider.imgSrcSanitizationTrustedUrlList(regexp);
return this;
} else {
return $$sanitizeUriProvider.imgSrcSanitizationTrustedUrlList();
return $$sanitizeUriProvider.aHrefSanitizationWhitelist();
}
};
@@ -1782,20 +1731,29 @@ function $CompileProvider($provide, $$sanitizeUriProvider) {
* @name $compileProvider#imgSrcSanitizationWhitelist
* @kind function
*
* @deprecated
* sinceVersion="1.8.1"
* @description
* Retrieves or overrides the default regular expression that is used for whitelisting of safe
* urls during img[src] sanitization.
*
* This method is deprecated. Use {@link $compileProvider#imgSrcSanitizationTrustedUrlList
* imgSrcSanitizationTrustedUrlList} instead.
* The sanitization is a security measure aimed at prevent XSS attacks via html links.
*
* Any url about to be assigned to img[src] via data-binding is first normalized and turned into
* an absolute url. Afterwards, the url is matched against the `imgSrcSanitizationWhitelist`
* regular expression. If a match is found, the original url is written into the dom. Otherwise,
* the absolute url is prefixed with `'unsafe:'` string and only then is it written into the DOM.
*
* @param {RegExp=} regexp New regexp to whitelist urls with.
* @returns {RegExp|ng.$compileProvider} Current RegExp if called without value or self for
* chaining otherwise.
*/
Object.defineProperty(this, 'imgSrcSanitizationWhitelist', {
get: function() {
return this.imgSrcSanitizationTrustedUrlList;
},
set: function(value) {
this.imgSrcSanitizationTrustedUrlList = value;
this.imgSrcSanitizationWhitelist = function(regexp) {
if (isDefined(regexp)) {
$$sanitizeUriProvider.imgSrcSanitizationWhitelist(regexp);
return this;
} else {
return $$sanitizeUriProvider.imgSrcSanitizationWhitelist();
}
});
};
/**
* @ngdoc method
+3 -3
View File
@@ -13,9 +13,9 @@
* By default, the template URL is restricted to the same domain and protocol as the
* application document. This is done by calling {@link $sce#getTrustedResourceUrl
* $sce.getTrustedResourceUrl} on it. To load templates from other domains or protocols
* you may either add them to your {@link ng.$sceDelegateProvider#trustedResourceUrlList trusted
* resource URL list} or {@link $sce#trustAsResourceUrl wrap them} as trusted values. Refer to
* AngularJS's {@link ng.$sce Strict Contextual Escaping}.
* you may either {@link ng.$sceDelegateProvider#resourceUrlWhitelist whitelist them} or
* {@link $sce#trustAsResourceUrl wrap them} as trusted values. Refer to AngularJS's {@link
* ng.$sce Strict Contextual Escaping}.
*
* In addition, the browser's
* [Same Origin Policy](https://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_XMLHttpRequest)
+1 -1
View File
@@ -332,7 +332,7 @@
* For example: `item in items | filter:x as results` will store the fragment of the repeated items as `results`, but only after
* the items have been processed through the filter.
*
* Please note that `as [variable name]` is not an operator but rather a part of ngRepeat
* Please note that `as [variable name] is not an operator but rather a part of ngRepeat
* micro-syntax so it can be used only after all filters (and not as operator, inside an expression).
*
* For example: `item in items | filter : x | orderBy : order | limitTo : limit as results track by item.id` .
+3 -3
View File
@@ -42,11 +42,11 @@
var colorSpan = element(by.css('span'));
it('should check ng-style', function() {
expect(colorSpan.getCssValue('color')).toMatch(/rgba\(0, 0, 0, 1\)|rgb\(0, 0, 0\)/);
expect(colorSpan.getCssValue('color')).toBe('rgba(0, 0, 0, 1)');
element(by.css('input[value=\'set color\']')).click();
expect(colorSpan.getCssValue('color')).toMatch(/rgba\(255, 0, 0, 1\)|rgb\(255, 0, 0\)/);
expect(colorSpan.getCssValue('color')).toBe('rgba(255, 0, 0, 1)');
element(by.css('input[value=clear]')).click();
expect(colorSpan.getCssValue('color')).toMatch(/rgba\(0, 0, 0, 1\)|rgb\(0, 0, 0\)/);
expect(colorSpan.getCssValue('color')).toBe('rgba(0, 0, 0, 1)');
});
</file>
</example>
+14 -34
View File
@@ -388,7 +388,7 @@ function $HttpProvider() {
/**
* @ngdoc property
* @name $httpProvider#xsrfTrustedOrigins
* @name $httpProvider#xsrfWhitelistedOrigins
* @description
*
* Array containing URLs whose origins are trusted to receive the XSRF token. See the
@@ -402,7 +402,7 @@ function $HttpProvider() {
* Examples: `http://example.com`, `https://api.example.com:9876`
*
* <div class="alert alert-warning">
* It is not possible to trust specific URLs/paths. The `path`, `query` and `fragment` parts
* It is not possible to whitelist specific URLs/paths. The `path`, `query` and `fragment` parts
* of a URL will be ignored. For example, `https://foo.com/path/bar?query=baz#fragment` will be
* treated as `https://foo.com`, meaning that **all** requests to URLs starting with
* `https://foo.com/` will include the XSRF token.
@@ -413,9 +413,9 @@ function $HttpProvider() {
* ```js
* // App served from `https://example.com/`.
* angular.
* module('xsrfTrustedOriginsExample', []).
* module('xsrfWhitelistedOriginsExample', []).
* config(['$httpProvider', function($httpProvider) {
* $httpProvider.xsrfTrustedOrigins.push('https://api.example.com');
* $httpProvider.xsrfWhitelistedOrigins.push('https://api.example.com');
* }]).
* run(['$http', function($http) {
* // The XSRF token will be sent.
@@ -426,27 +426,7 @@ function $HttpProvider() {
* }]);
* ```
*/
var xsrfTrustedOrigins = this.xsrfTrustedOrigins = [];
/**
* @ngdoc property
* @name $httpProvider#xsrfWhitelistedOrigins
* @description
*
* @deprecated
* sinceVersion="1.8.1"
*
* This property is deprecated. Use {@link $httpProvider#xsrfTrustedOrigins xsrfTrustedOrigins}
* instead.
*/
Object.defineProperty(this, 'xsrfWhitelistedOrigins', {
get: function() {
return this.xsrfTrustedOrigins;
},
set: function(origins) {
this.xsrfTrustedOrigins = origins;
}
});
var xsrfWhitelistedOrigins = this.xsrfWhitelistedOrigins = [];
this.$get = ['$browser', '$httpBackend', '$$cookieReader', '$cacheFactory', '$rootScope', '$q', '$injector', '$sce',
function($browser, $httpBackend, $$cookieReader, $cacheFactory, $rootScope, $q, $injector, $sce) {
@@ -474,7 +454,7 @@ function $HttpProvider() {
/**
* A function to check request URLs against a list of allowed origins.
*/
var urlIsAllowedOrigin = urlIsAllowedOriginFactory(xsrfTrustedOrigins);
var urlIsAllowedOrigin = urlIsAllowedOriginFactory(xsrfWhitelistedOrigins);
/**
* @ngdoc service
@@ -848,16 +828,16 @@ function $HttpProvider() {
* The header will &mdash; by default &mdash; **not** be set for cross-domain requests. This
* prevents unauthorized servers (e.g. malicious or compromised 3rd-party APIs) from gaining
* access to your users' XSRF tokens and exposing them to Cross Site Request Forgery. If you
* want to, you can trust additional origins to also receive the XSRF token, by adding them
* to {@link ng.$httpProvider#xsrfTrustedOrigins xsrfTrustedOrigins}. This might be
* want to, you can whitelist additional origins to also receive the XSRF token, by adding them
* to {@link ng.$httpProvider#xsrfWhitelistedOrigins xsrfWhitelistedOrigins}. This might be
* useful, for example, if your application, served from `example.com`, needs to access your API
* at `api.example.com`.
* See {@link ng.$httpProvider#xsrfTrustedOrigins $httpProvider.xsrfTrustedOrigins} for
* See {@link ng.$httpProvider#xsrfWhitelistedOrigins $httpProvider.xsrfWhitelistedOrigins} for
* more details.
*
* <div class="alert alert-danger">
* **Warning**<br />
* Only trusted origins that you have control over and make sure you understand the
* Only whitelist origins that you have control over and make sure you understand the
* implications of doing so.
* </div>
*
@@ -984,8 +964,8 @@ function $HttpProvider() {
<file name="script.js">
angular.module('httpExample', [])
.config(['$sceDelegateProvider', function($sceDelegateProvider) {
// We must add the JSONP endpoint that we are using to the trusted list to show that we trust it
$sceDelegateProvider.trustedResourceUrlList([
// We must whitelist the JSONP endpoint that we are using to show that we trust it
$sceDelegateProvider.resourceUrlWhitelist([
'self',
'https://angularjs.org/**'
]);
@@ -1242,8 +1222,8 @@ function $HttpProvider() {
*
* Note that, since JSONP requests are sensitive because the response is given full access to the browser,
* the url must be declared, via {@link $sce} as a trusted resource URL.
* You can trust a URL by adding it to the trusted resource URL list via
* {@link $sceDelegateProvider#trustedResourceUrlList `$sceDelegateProvider.trustedResourceUrlList`} or
* You can trust a URL by adding it to the whitelist via
* {@link $sceDelegateProvider#resourceUrlWhitelist `$sceDelegateProvider.resourceUrlWhitelist`} or
* by explicitly trusting the URL via {@link $sce#trustAsResourceUrl `$sce.trustAsResourceUrl(url)`}.
*
* You should avoid generating the URL for the JSONP request from user provided data.
+2 -2
View File
@@ -1900,7 +1900,7 @@ function $ParseProvider() {
var useInputs = parsedExpression.inputs && !exp.inputs;
// Propagate the literal/inputs/constant attributes
// Propogate the literal/inputs/constant attributes
// ... but not oneTime since we are handling it
oneTimeWatch.literal = parsedExpression.literal;
oneTimeWatch.constant = parsedExpression.constant;
@@ -1987,7 +1987,7 @@ function $ParseProvider() {
fn.$$intercepted = parsedExpression;
fn.$$interceptor = interceptorFn;
// Propagate the literal/oneTime/constant attributes
// Propogate the literal/oneTime/constant attributes
fn.literal = parsedExpression.literal;
fn.oneTime = parsedExpression.oneTime;
fn.constant = parsedExpression.constant;
+15 -16
View File
@@ -7,12 +7,12 @@
*/
function $$SanitizeUriProvider() {
var aHrefSanitizationTrustedUrlList = /^\s*(https?|s?ftp|mailto|tel|file):/,
imgSrcSanitizationTrustedUrlList = /^\s*((https?|ftp|file|blob):|data:image\/)/;
var aHrefSanitizationWhitelist = /^\s*(https?|s?ftp|mailto|tel|file):/,
imgSrcSanitizationWhitelist = /^\s*((https?|ftp|file|blob):|data:image\/)/;
/**
* @description
* Retrieves or overrides the default regular expression that is used for determining trusted safe
* Retrieves or overrides the default regular expression that is used for whitelisting of safe
* urls during a[href] sanitization.
*
* The sanitization is a security measure aimed at prevent XSS attacks via HTML anchor links.
@@ -21,27 +21,27 @@ function $$SanitizeUriProvider() {
* the $sce.URL security context. When interpolation occurs a call is made to `$sce.trustAsUrl(url)`
* which in turn may call `$$sanitizeUri(url, isMedia)` to sanitize the potentially malicious URL.
*
* If the URL matches the `aHrefSanitizationTrustedUrlList` regular expression, it is returned unchanged.
* If the URL matches the `aHrefSanitizationWhitelist` regular expression, it is returned unchanged.
*
* If there is no match the URL is returned prefixed with `'unsafe:'` to ensure that when it is written
* to the DOM it is inactive and potentially malicious code will not be executed.
*
* @param {RegExp=} regexp New regexp to trust urls with.
* @param {RegExp=} regexp New regexp to whitelist urls with.
* @returns {RegExp|ng.$compileProvider} Current RegExp if called without value or self for
* chaining otherwise.
*/
this.aHrefSanitizationTrustedUrlList = function(regexp) {
this.aHrefSanitizationWhitelist = function(regexp) {
if (isDefined(regexp)) {
aHrefSanitizationTrustedUrlList = regexp;
aHrefSanitizationWhitelist = regexp;
return this;
}
return aHrefSanitizationTrustedUrlList;
return aHrefSanitizationWhitelist;
};
/**
* @description
* Retrieves or overrides the default regular expression that is used for determining trusted safe
* Retrieves or overrides the default regular expression that is used for whitelisting of safe
* urls during img[src] sanitization.
*
* The sanitization is a security measure aimed at prevent XSS attacks via HTML image src links.
@@ -51,28 +51,27 @@ function $$SanitizeUriProvider() {
* `$sce.trustAsMediaUrl(url)` which in turn may call `$$sanitizeUri(url, isMedia)` to sanitize
* the potentially malicious URL.
*
* If the URL matches the `imgSrcSanitizationTrustedUrlList` regular expression, it is returned
* unchanged.
* If the URL matches the `aImgSanitizationWhitelist` regular expression, it is returned unchanged.
*
* If there is no match the URL is returned prefixed with `'unsafe:'` to ensure that when it is written
* to the DOM it is inactive and potentially malicious code will not be executed.
*
* @param {RegExp=} regexp New regexp to trust urls with.
* @param {RegExp=} regexp New regexp to whitelist urls with.
* @returns {RegExp|ng.$compileProvider} Current RegExp if called without value or self for
* chaining otherwise.
*/
this.imgSrcSanitizationTrustedUrlList = function(regexp) {
this.imgSrcSanitizationWhitelist = function(regexp) {
if (isDefined(regexp)) {
imgSrcSanitizationTrustedUrlList = regexp;
imgSrcSanitizationWhitelist = regexp;
return this;
}
return imgSrcSanitizationTrustedUrlList;
return imgSrcSanitizationWhitelist;
};
this.$get = function() {
return function sanitizeUri(uri, isMediaUrl) {
// if (!uri) return uri;
var regex = isMediaUrl ? imgSrcSanitizationTrustedUrlList : aHrefSanitizationTrustedUrlList;
var regex = isMediaUrl ? imgSrcSanitizationWhitelist : aHrefSanitizationWhitelist;
var normalizedVal = urlResolve(uri && uri.trim()).href;
if (normalizedVal !== '' && !normalizedVal.match(regex)) {
return 'unsafe:' + normalizedVal;
+76 -117
View File
@@ -118,10 +118,10 @@ function adjustMatchers(matchers) {
* The default instance of `$sceDelegate` should work out of the box with little pain. While you
* can override it completely to change the behavior of `$sce`, the common case would
* involve configuring the {@link ng.$sceDelegateProvider $sceDelegateProvider} instead by setting
* your own trusted and banned resource lists for trusting URLs used for loading AngularJS resources
* such as templates. Refer {@link ng.$sceDelegateProvider#trustedResourceUrlList
* $sceDelegateProvider.trustedResourceUrlList} and {@link
* ng.$sceDelegateProvider#bannedResourceUrlList $sceDelegateProvider.bannedResourceUrlList}
* your own whitelists and blacklists for trusting URLs used for loading AngularJS resources such as
* templates. Refer {@link ng.$sceDelegateProvider#resourceUrlWhitelist
* $sceDelegateProvider.resourceUrlWhitelist} and {@link
* ng.$sceDelegateProvider#resourceUrlBlacklist $sceDelegateProvider.resourceUrlBlacklist}
*/
/**
@@ -134,12 +134,12 @@ function adjustMatchers(matchers) {
* The `$sceDelegateProvider` provider allows developers to configure the {@link ng.$sceDelegate
* $sceDelegate service}, used as a delegate for {@link ng.$sce Strict Contextual Escaping (SCE)}.
*
* The `$sceDelegateProvider` allows one to get/set the `trustedResourceUrlList` and
* `bannedResourceUrlList` used to ensure that the URLs used for sourcing AngularJS templates and
* other script-running URLs are safe (all places that use the `$sce.RESOURCE_URL` context). See
* {@link ng.$sceDelegateProvider#trustedResourceUrlList
* $sceDelegateProvider.trustedResourceUrlList} and
* {@link ng.$sceDelegateProvider#bannedResourceUrlList $sceDelegateProvider.bannedResourceUrlList},
* The `$sceDelegateProvider` allows one to get/set the whitelists and blacklists used to ensure
* that the URLs used for sourcing AngularJS templates and other script-running URLs are safe (all
* places that use the `$sce.RESOURCE_URL` context). See
* {@link ng.$sceDelegateProvider#resourceUrlWhitelist $sceDelegateProvider.resourceUrlWhitelist}
* and
* {@link ng.$sceDelegateProvider#resourceUrlBlacklist $sceDelegateProvider.resourceUrlBlacklist},
*
* For the general details about this service in AngularJS, read the main page for {@link ng.$sce
* Strict Contextual Escaping (SCE)}.
@@ -155,117 +155,64 @@ function adjustMatchers(matchers) {
*
* ```
* angular.module('myApp', []).config(function($sceDelegateProvider) {
* $sceDelegateProvider.trustedResourceUrlList([
* $sceDelegateProvider.resourceUrlWhitelist([
* // Allow same origin resource loads.
* 'self',
* // Allow loading from our assets domain. Notice the difference between * and **.
* 'http://srv*.assets.example.com/**'
* ]);
*
* // The banned resource URL list overrides the trusted resource URL list so the open redirect
* // here is blocked.
* $sceDelegateProvider.bannedResourceUrlList([
* // The blacklist overrides the whitelist so the open redirect here is blocked.
* $sceDelegateProvider.resourceUrlBlacklist([
* 'http://myapp.example.com/clickThru**'
* ]);
* });
* ```
* Note that an empty trusted resource URL list will block every resource URL from being loaded, and will require
* Note that an empty whitelist will block every resource URL from being loaded, and will require
* you to manually mark each one as trusted with `$sce.trustAsResourceUrl`. However, templates
* requested by {@link ng.$templateRequest $templateRequest} that are present in
* {@link ng.$templateCache $templateCache} will not go through this check. If you have a mechanism
* to populate your templates in that cache at config time, then it is a good idea to remove 'self'
* from the trusted resource URL lsit. This helps to mitigate the security impact of certain types
* of issues, like for instance attacker-controlled `ng-includes`.
* from that whitelist. This helps to mitigate the security impact of certain types of issues, like
* for instance attacker-controlled `ng-includes`.
*/
function $SceDelegateProvider() {
this.SCE_CONTEXTS = SCE_CONTEXTS;
// Resource URLs can also be trusted by policy.
var trustedResourceUrlList = ['self'],
bannedResourceUrlList = [];
/**
* @ngdoc method
* @name $sceDelegateProvider#trustedResourceUrlList
* @kind function
*
* @param {Array=} trustedResourceUrlList When provided, replaces the trustedResourceUrlList with
* the value provided. This must be an array or null. A snapshot of this array is used so
* further changes to the array are ignored.
* Follow {@link ng.$sce#resourceUrlPatternItem this link} for a description of the items
* allowed in this array.
*
* @return {Array} The currently set trusted resource URL array.
*
* @description
* Sets/Gets the list trusted of resource URLs.
*
* The **default value** when no `trustedResourceUrlList` has been explicitly set is `['self']`
* allowing only same origin resource requests.
*
* <div class="alert alert-warning">
* **Note:** the default `trustedResourceUrlList` of 'self' is not recommended if your app shares
* its origin with other apps! It is a good idea to limit it to only your application's directory.
* </div>
*/
this.trustedResourceUrlList = function(value) {
if (arguments.length) {
trustedResourceUrlList = adjustMatchers(value);
}
return trustedResourceUrlList;
};
var resourceUrlWhitelist = ['self'],
resourceUrlBlacklist = [];
/**
* @ngdoc method
* @name $sceDelegateProvider#resourceUrlWhitelist
* @kind function
*
* @deprecated
* sinceVersion="1.8.1"
*
* This method is deprecated. Use {@link $sceDelegateProvider#trustedResourceUrlList
* trustedResourceUrlList} instead.
*/
Object.defineProperty(this, 'resourceUrlWhitelist', {
get: function() {
return this.trustedResourceUrlList;
},
set: function(value) {
this.trustedResourceUrlList = value;
}
});
/**
* @ngdoc method
* @name $sceDelegateProvider#bannedResourceUrlList
* @kind function
*
* @param {Array=} bannedResourceUrlList When provided, replaces the `bannedResourceUrlList` with
* the value provided. This must be an array or null. A snapshot of this array is used so
* further changes to the array are ignored.</p><p>
* @param {Array=} whitelist When provided, replaces the resourceUrlWhitelist with the value
* provided. This must be an array or null. A snapshot of this array is used so further
* changes to the array are ignored.
* Follow {@link ng.$sce#resourceUrlPatternItem this link} for a description of the items
* allowed in this array.</p><p>
* The typical usage for the `bannedResourceUrlList` is to **block
* [open redirects](http://cwe.mitre.org/data/definitions/601.html)** served by your domain as
* these would otherwise be trusted but actually return content from the redirected domain.
* </p><p>
* Finally, **the banned resource URL list overrides the trusted resource URL list** and has
* the final say.
* allowed in this array.
*
* @return {Array} The currently set `bannedResourceUrlList` array.
* @return {Array} The currently set whitelist array.
*
* @description
* Sets/Gets the `bannedResourceUrlList` of trusted resource URLs.
* Sets/Gets the whitelist of trusted resource URLs.
*
* The **default value** when no trusted resource URL list has been explicitly set is the empty
* array (i.e. there is no `bannedResourceUrlList`.)
* The **default value** when no whitelist has been explicitly set is `['self']` allowing only
* same origin resource requests.
*
* <div class="alert alert-warning">
* **Note:** the default whitelist of 'self' is not recommended if your app shares its origin
* with other apps! It is a good idea to limit it to only your application's directory.
* </div>
*/
this.bannedResourceUrlList = function(value) {
this.resourceUrlWhitelist = function(value) {
if (arguments.length) {
bannedResourceUrlList = adjustMatchers(value);
resourceUrlWhitelist = adjustMatchers(value);
}
return bannedResourceUrlList;
return resourceUrlWhitelist;
};
/**
@@ -273,20 +220,32 @@ function $SceDelegateProvider() {
* @name $sceDelegateProvider#resourceUrlBlacklist
* @kind function
*
* @deprecated
* sinceVersion="1.8.1"
* @param {Array=} blacklist When provided, replaces the resourceUrlBlacklist with the value
* provided. This must be an array or null. A snapshot of this array is used so further
* changes to the array are ignored.</p><p>
* Follow {@link ng.$sce#resourceUrlPatternItem this link} for a description of the items
* allowed in this array.</p><p>
* The typical usage for the blacklist is to **block
* [open redirects](http://cwe.mitre.org/data/definitions/601.html)** served by your domain as
* these would otherwise be trusted but actually return content from the redirected domain.
* </p><p>
* Finally, **the blacklist overrides the whitelist** and has the final say.
*
* This method is deprecated. Use {@link $sceDelegateProvider#bannedResourceUrlList
* bannedResourceUrlList} instead.
* @return {Array} The currently set blacklist array.
*
* @description
* Sets/Gets the blacklist of trusted resource URLs.
*
* The **default value** when no whitelist has been explicitly set is the empty array (i.e. there
* is no blacklist.)
*/
Object.defineProperty(this, 'resourceUrlBlacklist', {
get: function() {
return this.bannedResourceUrlList;
},
set: function(value) {
this.bannedResourceUrlList = value;
this.resourceUrlBlacklist = function(value) {
if (arguments.length) {
resourceUrlBlacklist = adjustMatchers(value);
}
});
return resourceUrlBlacklist;
};
this.$get = ['$injector', '$$sanitizeUri', function($injector, $$sanitizeUri) {
@@ -311,17 +270,17 @@ function $SceDelegateProvider() {
function isResourceUrlAllowedByPolicy(url) {
var parsedUrl = urlResolve(url.toString());
var i, n, allowed = false;
// Ensure that at least one item from the trusted resource URL list allows this url.
for (i = 0, n = trustedResourceUrlList.length; i < n; i++) {
if (matchUrl(trustedResourceUrlList[i], parsedUrl)) {
// Ensure that at least one item from the whitelist allows this url.
for (i = 0, n = resourceUrlWhitelist.length; i < n; i++) {
if (matchUrl(resourceUrlWhitelist[i], parsedUrl)) {
allowed = true;
break;
}
}
if (allowed) {
// Ensure that no item from the banned resource URL list has blocked this url.
for (i = 0, n = bannedResourceUrlList.length; i < n; i++) {
if (matchUrl(bannedResourceUrlList[i], parsedUrl)) {
// Ensure that no item from the blacklist blocked this url.
for (i = 0, n = resourceUrlBlacklist.length; i < n; i++) {
if (matchUrl(resourceUrlBlacklist[i], parsedUrl)) {
allowed = false;
break;
}
@@ -442,9 +401,9 @@ function $SceDelegateProvider() {
* The contexts that can be sanitized are $sce.MEDIA_URL, $sce.URL and $sce.HTML. The first two are available
* by default, and the third one relies on the `$sanitize` service (which may be loaded through
* the `ngSanitize` module). Furthermore, for $sce.RESOURCE_URL context, a plain string may be
* accepted if the resource url policy defined by {@link ng.$sceDelegateProvider#trustedResourceUrlList
* `$sceDelegateProvider.trustedResourceUrlList`} and {@link ng.$sceDelegateProvider#bannedResourceUrlList
* `$sceDelegateProvider.bannedResourceUrlList`} accepts that resource.
* accepted if the resource url policy defined by {@link ng.$sceDelegateProvider#resourceUrlWhitelist
* `$sceDelegateProvider.resourceUrlWhitelist`} and {@link ng.$sceDelegateProvider#resourceUrlBlacklist
* `$sceDelegateProvider.resourceUrlBlacklist`} accepts that resource.
*
* This function will throw if the safe type isn't appropriate for this context, or if the
* value given cannot be accepted in the context (which might be caused by sanitization not
@@ -538,9 +497,9 @@ function $SceDelegateProvider() {
*
* To systematically block XSS security bugs, AngularJS treats all values as untrusted by default in
* HTML or sensitive URL bindings. When binding untrusted values, AngularJS will automatically
* run security checks on them (sanitizations, trusted URL resource, depending on context), or throw
* when it cannot guarantee the security of the result. That behavior depends strongly on contexts:
* HTML can be sanitized, but template URLs cannot, for instance.
* run security checks on them (sanitizations, whitelists, depending on context), or throw when it
* cannot guarantee the security of the result. That behavior depends strongly on contexts: HTML
* can be sanitized, but template URLs cannot, for instance.
*
* To illustrate this, consider the `ng-bind-html` directive. It renders its value directly as HTML:
* we call that the *context*. When given an untrusted input, AngularJS will attempt to sanitize it
@@ -619,8 +578,8 @@ function $SceDelegateProvider() {
* By default, AngularJS only loads templates from the same domain and protocol as the application
* document. This is done by calling {@link ng.$sce#getTrustedResourceUrl
* $sce.getTrustedResourceUrl} on the template URL. To load templates from other domains and/or
* protocols, you may either add them to the {@link ng.$sceDelegateProvider#trustedResourceUrlList
* trustedResourceUrlList} or {@link ng.$sce#trustAsResourceUrl wrap them} into trusted values.
* protocols, you may either {@link ng.$sceDelegateProvider#resourceUrlWhitelist whitelist
* them} or {@link ng.$sce#trustAsResourceUrl wrap it} into a trusted value.
*
* *Please note*:
* The browser's
@@ -648,8 +607,8 @@ function $SceDelegateProvider() {
* templates in `ng-include` from your application's domain without having to even know about SCE.
* It blocks loading templates from other domains or loading templates over http from an https
* served document. You can change these by setting your own custom {@link
* ng.$sceDelegateProvider#trustedResourceUrlList trusted resource URL list} and {@link
* ng.$sceDelegateProvider#bannedResourceUrlList banned resource URL list} for matching such URLs.
* ng.$sceDelegateProvider#resourceUrlWhitelist whitelists} and {@link
* ng.$sceDelegateProvider#resourceUrlBlacklist blacklists} for matching such URLs.
*
* This significantly reduces the overhead. It is far easier to pay the small overhead and have an
* application that's secure and can be audited to verify that with much more ease than bolting
@@ -664,7 +623,7 @@ function $SceDelegateProvider() {
* | `$sce.CSS` | For CSS that's safe to source into the application. Currently unused. Feel free to use it in your own directives. |
* | `$sce.MEDIA_URL` | For URLs that are safe to render as media. Is automatically converted from string by sanitizing when needed. |
* | `$sce.URL` | For URLs that are safe to follow as links. Is automatically converted from string by sanitizing when needed. Note that `$sce.URL` makes a stronger statement about the URL than `$sce.MEDIA_URL` does and therefore contexts requiring values trusted for `$sce.URL` can be used anywhere that values trusted for `$sce.MEDIA_URL` are required.|
* | `$sce.RESOURCE_URL` | For URLs that are not only safe to follow as links, but whose contents are also safe to include in your application. Examples include `ng-include`, `src` / `ngSrc` bindings for tags other than `IMG` (e.g. `IFRAME`, `OBJECT`, etc.) <br><br>Note that `$sce.RESOURCE_URL` makes a stronger statement about the URL than `$sce.URL` or `$sce.MEDIA_URL` do and therefore contexts requiring values trusted for `$sce.RESOURCE_URL` can be used anywhere that values trusted for `$sce.URL` or `$sce.MEDIA_URL` are required. <br><br> The {@link $sceDelegateProvider#trustedResourceUrlList $sceDelegateProvider#trustedResourceUrlList()} and {@link $sceDelegateProvider#bannedResourceUrlList $sceDelegateProvider#bannedResourceUrlList()} can be used to restrict trusted origins for `RESOURCE_URL` |
* | `$sce.RESOURCE_URL` | For URLs that are not only safe to follow as links, but whose contents are also safe to include in your application. Examples include `ng-include`, `src` / `ngSrc` bindings for tags other than `IMG` (e.g. `IFRAME`, `OBJECT`, etc.) <br><br>Note that `$sce.RESOURCE_URL` makes a stronger statement about the URL than `$sce.URL` or `$sce.MEDIA_URL` do and therefore contexts requiring values trusted for `$sce.RESOURCE_URL` can be used anywhere that values trusted for `$sce.URL` or `$sce.MEDIA_URL` are required. <br><br> The {@link $sceDelegateProvider#resourceUrlWhitelist $sceDelegateProvider#resourceUrlWhitelist()} and {@link $sceDelegateProvider#resourceUrlBlacklist $sceDelegateProvider#resourceUrlBlacklist()} can be used to restrict trusted origins for `RESOURCE_URL` |
* | `$sce.JS` | For JavaScript that is safe to execute in your application's context. Currently unused. Feel free to use it in your own directives. |
*
*
@@ -682,7 +641,7 @@ function $SceDelegateProvider() {
* There are no CSS or JS context bindings in AngularJS currently, so their corresponding `$sce.trustAs`
* functions aren't useful yet. This might evolve.
*
* ### Format of items in {@link ng.$sceDelegateProvider#trustedResourceUrlList trustedResourceUrlList}/{@link ng.$sceDelegateProvider#bannedResourceUrlList bannedResourceUrlList} <a name="resourceUrlPatternItem"></a>
* ### Format of items in {@link ng.$sceDelegateProvider#resourceUrlWhitelist resourceUrlWhitelist}/{@link ng.$sceDelegateProvider#resourceUrlBlacklist Blacklist} <a name="resourceUrlPatternItem"></a>
*
* Each element in these arrays must be one of the following:
*
@@ -696,7 +655,7 @@ function $SceDelegateProvider() {
* match themselves.
* - `*`: matches zero or more occurrences of any character other than one of the following 6
* characters: '`:`', '`/`', '`.`', '`?`', '`&`' and '`;`'. It's a useful wildcard for use
* for matching resource URL lists.
* in a whitelist.
* - `**`: matches zero or more occurrences of *any* character. As such, it's not
* appropriate for use in a scheme, domain, etc. as it would match too much. (e.g.
* http://**.example.com/ would match http://evil.com/?ignore=.example.com/ and that might
+4 -4
View File
@@ -73,10 +73,10 @@ function $TemplateRequestProvider() {
handleRequestFn.totalPendingRequests++;
// We consider the template cache holds only trusted templates, so
// there's no need to go through adding the template again to the trusted
// resources for keys that already are included in there. This also makes
// AngularJS accept any script directive, no matter its name. However, we
// still need to unwrap trusted types.
// there's no need to go through whitelisting again for keys that already
// are included in there. This also makes AngularJS accept any script
// directive, no matter its name. However, we still need to unwrap trusted
// types.
if (!isString(tpl) || isUndefined($templateCache.get(tpl))) {
tpl = $sce.getTrustedResourceUrl(tpl);
}
+5 -5
View File
@@ -125,20 +125,20 @@ function urlIsSameOriginAsBaseUrl(requestUrl) {
}
/**
* Create a function that can check a URL's origin against a list of allowed/trusted origins.
* Create a function that can check a URL's origin against a list of allowed/whitelisted origins.
* The current location's origin is implicitly trusted.
*
* @param {string[]} trustedOriginUrls - A list of URLs (strings), whose origins are trusted.
* @param {string[]} whitelistedOriginUrls - A list of URLs (strings), whose origins are trusted.
*
* @returns {Function} - A function that receives a URL (string or parsed URL object) and returns
* whether it is of an allowed origin.
*/
function urlIsAllowedOriginFactory(trustedOriginUrls) {
var parsedAllowedOriginUrls = [originUrl].concat(trustedOriginUrls.map(urlResolve));
function urlIsAllowedOriginFactory(whitelistedOriginUrls) {
var parsedAllowedOriginUrls = [originUrl].concat(whitelistedOriginUrls.map(urlResolve));
/**
* Check whether the specified URL (string or parsed URL object) has an origin that is allowed
* based on a list of trusted-origin URLs. The current location's origin is implicitly
* based on a list of whitelisted-origin URLs. The current location's origin is implicitly
* trusted.
*
* @param {string|Object} requestUrl - The URL to be checked (provided as a string that will be
+16 -16
View File
@@ -64,7 +64,7 @@ var ngAriaModule = angular.module('ngAria', ['ng']).
/**
* Internal Utilities
*/
var nativeAriaNodeNames = ['BUTTON', 'A', 'INPUT', 'TEXTAREA', 'SELECT', 'DETAILS', 'SUMMARY'];
var nodeBlackList = ['BUTTON', 'A', 'INPUT', 'TEXTAREA', 'SELECT', 'DETAILS', 'SUMMARY'];
var isNodeOneOf = function(elem, nodeTypeArray) {
if (nodeTypeArray.indexOf(elem[0].nodeName) !== -1) {
@@ -136,12 +136,12 @@ function $AriaProvider() {
config = angular.extend(config, newConfig);
};
function watchExpr(attrName, ariaAttr, nativeAriaNodeNames, negate) {
function watchExpr(attrName, ariaAttr, nodeBlackList, negate) {
return function(scope, elem, attr) {
if (attr.hasOwnProperty(ARIA_DISABLE_ATTR)) return;
var ariaCamelName = attr.$normalize(ariaAttr);
if (config[ariaCamelName] && !isNodeOneOf(elem, nativeAriaNodeNames) && !attr[ariaCamelName]) {
if (config[ariaCamelName] && !isNodeOneOf(elem, nodeBlackList) && !attr[ariaCamelName]) {
scope.$watch(attr[attrName], function(boolVal) {
// ensure boolean value
boolVal = negate ? !boolVal : !!boolVal;
@@ -165,7 +165,7 @@ function $AriaProvider() {
*
*```js
* ngAriaModule.directive('ngDisabled', ['$aria', function($aria) {
* return $aria.$$watchExpr('ngDisabled', 'aria-disabled', nativeAriaNodeNames, false);
* return $aria.$$watchExpr('ngDisabled', 'aria-disabled', nodeBlackList, false);
* }])
*```
* Shown above, the ngAria module creates a directive with the same signature as the
@@ -217,31 +217,31 @@ ngAriaModule.directive('ngShow', ['$aria', function($aria) {
return $aria.$$watchExpr('ngHide', 'aria-hidden', [], false);
}])
.directive('ngValue', ['$aria', function($aria) {
return $aria.$$watchExpr('ngValue', 'aria-checked', nativeAriaNodeNames, false);
return $aria.$$watchExpr('ngValue', 'aria-checked', nodeBlackList, false);
}])
.directive('ngChecked', ['$aria', function($aria) {
return $aria.$$watchExpr('ngChecked', 'aria-checked', nativeAriaNodeNames, false);
return $aria.$$watchExpr('ngChecked', 'aria-checked', nodeBlackList, false);
}])
.directive('ngReadonly', ['$aria', function($aria) {
return $aria.$$watchExpr('ngReadonly', 'aria-readonly', nativeAriaNodeNames, false);
return $aria.$$watchExpr('ngReadonly', 'aria-readonly', nodeBlackList, false);
}])
.directive('ngRequired', ['$aria', function($aria) {
return $aria.$$watchExpr('ngRequired', 'aria-required', nativeAriaNodeNames, false);
return $aria.$$watchExpr('ngRequired', 'aria-required', nodeBlackList, false);
}])
.directive('ngModel', ['$aria', function($aria) {
function shouldAttachAttr(attr, normalizedAttr, elem, allowNonAriaNodes) {
function shouldAttachAttr(attr, normalizedAttr, elem, allowBlacklistEls) {
return $aria.config(normalizedAttr) &&
!elem.attr(attr) &&
(allowNonAriaNodes || !isNodeOneOf(elem, nativeAriaNodeNames)) &&
(allowBlacklistEls || !isNodeOneOf(elem, nodeBlackList)) &&
(elem.attr('type') !== 'hidden' || elem[0].nodeName !== 'INPUT');
}
function shouldAttachRole(role, elem) {
// if element does not have role attribute
// AND element type is equal to role (if custom element has a type equaling shape) <-- remove?
// AND element is not in nativeAriaNodeNames
return !elem.attr('role') && (elem.attr('type') === role) && !isNodeOneOf(elem, nativeAriaNodeNames);
// AND element is not in nodeBlackList
return !elem.attr('role') && (elem.attr('type') === role) && !isNodeOneOf(elem, nodeBlackList);
}
function getShape(attr, elem) {
@@ -349,7 +349,7 @@ ngAriaModule.directive('ngShow', ['$aria', function($aria) {
};
}])
.directive('ngDisabled', ['$aria', function($aria) {
return $aria.$$watchExpr('ngDisabled', 'aria-disabled', nativeAriaNodeNames, false);
return $aria.$$watchExpr('ngDisabled', 'aria-disabled', nodeBlackList, false);
}])
.directive('ngMessages', function() {
return {
@@ -373,7 +373,7 @@ ngAriaModule.directive('ngShow', ['$aria', function($aria) {
var fn = $parse(attr.ngClick);
return function(scope, elem, attr) {
if (!isNodeOneOf(elem, nativeAriaNodeNames)) {
if (!isNodeOneOf(elem, nodeBlackList)) {
if ($aria.config('bindRoleForClick') && !elem.attr('role')) {
elem.attr('role', 'button');
@@ -389,7 +389,7 @@ ngAriaModule.directive('ngShow', ['$aria', function($aria) {
if (keyCode === 13 || keyCode === 32) {
// If the event is triggered on a non-interactive element ...
if (nativeAriaNodeNames.indexOf(event.target.nodeName) === -1 && !event.target.isContentEditable) {
if (nodeBlackList.indexOf(event.target.nodeName) === -1 && !event.target.isContentEditable) {
// ... prevent the default browser behavior (e.g. scrolling when pressing spacebar)
// See https://github.com/angular/angular.js/issues/16664
event.preventDefault();
@@ -411,7 +411,7 @@ ngAriaModule.directive('ngShow', ['$aria', function($aria) {
return function(scope, elem, attr) {
if (attr.hasOwnProperty(ARIA_DISABLE_ATTR)) return;
if ($aria.config('tabindex') && !elem.attr('tabindex') && !isNodeOneOf(elem, nativeAriaNodeNames)) {
if ($aria.config('tabindex') && !elem.attr('tabindex') && !isNodeOneOf(elem, nodeBlackList)) {
elem.attr('tabindex', 0);
}
};
+42 -20
View File
@@ -41,12 +41,12 @@ var htmlSanitizeWriter;
* @description
* Sanitizes an html string by stripping all potentially dangerous tokens.
*
* The input is sanitized by parsing the HTML into tokens. All safe tokens (from a trusted URI list) are
* The input is sanitized by parsing the HTML into tokens. All safe tokens (from a whitelist) are
* then serialized back to a properly escaped HTML string. This means that no unsafe input can make
* it into the returned string.
*
* The trusted URIs for URL sanitization of attribute values is configured using the functions
* `aHrefSanitizationTrustedUrlList` and `imgSrcSanitizationTrustedUrlList` of {@link $compileProvider}.
* The whitelist for URL sanitization of attribute values is configured using the functions
* `aHrefSanitizationWhitelist` and `imgSrcSanitizationWhitelist` of {@link $compileProvider}.
*
* The input may also contain SVG markup if this is enabled via {@link $sanitizeProvider}.
*
@@ -277,8 +277,8 @@ function $SanitizeProvider() {
* **Note**:
* The new attributes will not be treated as URI attributes, which means their values will not be
* sanitized as URIs using `$compileProvider`'s
* {@link ng.$compileProvider#aHrefSanitizationTrustedUrlList aHrefSanitizationTrustedUrlList} and
* {@link ng.$compileProvider#imgSrcSanitizationTrustedUrlList imgSrcSanitizationTrustedUrlList}.
* {@link ng.$compileProvider#aHrefSanitizationWhitelist aHrefSanitizationWhitelist} and
* {@link ng.$compileProvider#imgSrcSanitizationWhitelist imgSrcSanitizationWhitelist}.
*
* <div class="alert alert-info">
* This method must be called during the {@link angular.Module#config config} phase. Once the
@@ -421,30 +421,52 @@ function $SanitizeProvider() {
}
/**
* Create an inert document that contains the dirty HTML that needs sanitizing.
* We use the DOMParser API by default and fall back to createHTMLDocument if DOMParser is not
* available.
* Create an inert document that contains the dirty HTML that needs sanitizing
* Depending upon browser support we use one of three strategies for doing this.
* Support: Safari 10.x -> XHR strategy
* Support: Firefox -> DomParser strategy
*/
var getInertBodyElement /* function(html: string): HTMLBodyElement */ = (function(window, document) {
if (isDOMParserAvailable()) {
return getInertBodyElement_DOMParser;
}
if (!document || !document.implementation) {
var inertDocument;
if (document && document.implementation) {
inertDocument = document.implementation.createHTMLDocument('inert');
} else {
throw $sanitizeMinErr('noinert', 'Can\'t create an inert html document');
}
var inertDocument = document.implementation.createHTMLDocument('inert');
var inertBodyElement = (inertDocument.documentElement || inertDocument.getDocumentElement()).querySelector('body');
return getInertBodyElement_InertDocument;
function isDOMParserAvailable() {
try {
return !!getInertBodyElement_DOMParser('');
} catch (e) {
return false;
// Check for the Safari 10.1 bug - which allows JS to run inside the SVG G element
inertBodyElement.innerHTML = '<svg><g onload="this.parentNode.remove()"></g></svg>';
if (!inertBodyElement.querySelector('svg')) {
return getInertBodyElement_XHR;
} else {
// Check for the Firefox bug - which prevents the inner img JS from being sanitized
inertBodyElement.innerHTML = '<svg><p><style><img src="</style><img src=x onerror=alert(1)//">';
if (inertBodyElement.querySelector('svg img')) {
return getInertBodyElement_DOMParser;
} else {
return getInertBodyElement_InertDocument;
}
}
function getInertBodyElement_XHR(html) {
// We add this dummy element to ensure that the rest of the content is parsed as expected
// e.g. leading whitespace is maintained and tags like `<meta>` do not get hoisted to the `<head>` tag.
html = '<remove></remove>' + html;
try {
html = encodeURI(html);
} catch (e) {
return undefined;
}
var xhr = new window.XMLHttpRequest();
xhr.responseType = 'document';
xhr.open('GET', 'data:text/html;charset=utf-8,' + html, false);
xhr.send(null);
var body = xhr.response.body;
body.firstChild.remove();
return body;
}
function getInertBodyElement_DOMParser(html) {
// We add this dummy element to ensure that the rest of the content is parsed as expected
// e.g. leading whitespace is maintained and tags like `<meta>` do not get hoisted to the `<head>` tag.
+1 -6
View File
@@ -1793,12 +1793,7 @@ describe('angular', function() {
} else if (/Chrome\//.test(userAgent)) {
protocol = 'chrome-extension:';
} else if (/Safari\//.test(userAgent)) {
// On iOS, Safari versions <15 recognize `safari-extension:`, while versions >=15 only
// recognize `chrome-extension:`.
// (On macOS, Safari v15 recognizes both protocols, so it is fine to use either.)
var majorVersionMatch = /Version\/(\d+)/.exec(userAgent);
var majorVersion = majorVersionMatch ? parseInt(majorVersionMatch[1], 10) : 0;
protocol = (majorVersion < 15) ? 'safari-extension:' : 'chrome-extension:';
protocol = 'safari-extension:';
} else {
protocol = 'browserext:'; // Upcoming standard scheme.
}
-2
View File
@@ -123,8 +123,6 @@ describe('$anchorScroll', function() {
var lastAnchor = anchors.last();
var lastAnchorId = 'anchor-5';
if (browser.params.browser === 'firefox') return;
// Make sure there is not enough room to scroll the last anchor to the top
lastAnchor.getSize().then(function(size) {
var tempHeight = size.height + (yOffset / 2);
+4 -2
View File
@@ -9,12 +9,14 @@ describe('ngRoute promises', function() {
expect(element.all(by.tagName('li')).count()).toBe(5);
});
it('should time out if the promise takes long enough', function(done) {
it('should time out if the promise takes long enough', function() {
// Don't try this at home kids, I'm a protractor dev
browser.manage().timeouts().setScriptTimeout(1000);
browser.waitForAngular().then(function() {
fail('waitForAngular() should have timed out, but didn\'t');
}, done);
}, function(error) {
expect(error.message).toContain('Timed out waiting for asynchronous Angular tasks to finish');
});
});
it('should wait for route promises when navigating to another route', function() {
-9
View File
@@ -9,13 +9,4 @@ describe('Sample', function() {
it('should have the interpolated text', function() {
expect(element(by.binding('text')).getText()).toBe('Hello, world!');
});
it('should insert the ng-cloak styles', function() {
browser.executeScript(`
var span = document.createElement('span');
span.className = 'ng-cloak foo';
document.body.appendChild(span);
`);
expect(element(by.className('foo')).isDisplayed()).toBe(false);
});
});
-96
View File
@@ -147,13 +147,6 @@ describe('jqLite', function() {
expect(nodes[0].nodeName.toLowerCase()).toBe('option');
});
it('should allow construction of multiple <option> elements', function() {
var nodes = jqLite('<option></option><option></option>');
expect(nodes.length).toBe(2);
expect(nodes[0].nodeName.toLowerCase()).toBe('option');
expect(nodes[1].nodeName.toLowerCase()).toBe('option');
});
// Special tests for the construction of elements which are restricted (in the HTML5 spec) to
// being children of specific nodes.
@@ -176,95 +169,6 @@ describe('jqLite', function() {
expect(nodes[0].nodeName.toLowerCase()).toBe(name);
});
});
describe('security', function() {
it('shouldn\'t crash at attempts to close the table wrapper', function() {
// jQuery doesn't pass this test yet.
if (!_jqLiteMode) return;
// Support: IE <10
// In IE 9 we still need to use the old-style innerHTML assignment
// as that's the only one that works.
if (msie < 10) return;
expect(function() {
// This test case attempts to close the tags which wrap input
// based on matching done in wrapMap, escaping the wrapper & thus
// triggering an error when descending.
var el = jqLite('<td></td></tr></tbody></table><td></td>');
expect(el.length).toBe(2);
expect(el[0].nodeName.toLowerCase()).toBe('td');
expect(el[1].nodeName.toLowerCase()).toBe('td');
}).not.toThrow();
});
it('shouldn\'t unsanitize sanitized code', function(done) {
// jQuery <3.5.0 fail those tests.
if (isJQuery2x()) {
done();
return;
}
var counter = 0,
assertCount = 13,
container = jqLite('<div></div>');
function donePartial() {
counter++;
if (counter === assertCount) {
container.remove();
delete window.xss;
done();
}
}
jqLite(document.body).append(container);
window.xss = jasmine.createSpy('xss');
// Thanks to Masato Kinugawa from Cure53 for providing the following test cases.
// Note: below test cases need to invoke the xss function with consecutive
// decimal parameters for the assertions to be correct.
forEach([
'<img alt="<x" title="/><img src=url404 onerror=xss(0)>">',
'<img alt="\n<x" title="/>\n<img src=url404 onerror=xss(1)>">',
'<style><style/><img src=url404 onerror=xss(2)>',
'<xmp><xmp/><img src=url404 onerror=xss(3)>',
'<title><title /><img src=url404 onerror=xss(4)>',
'<iframe><iframe/><img src=url404 onerror=xss(5)>',
'<noframes><noframes/><img src=url404 onerror=xss(6)>',
'<noscript><noscript/><img src=url404 onerror=xss(7)>',
'<foo" alt="" title="/><img src=url404 onerror=xss(8)>">',
'<img alt="<x" title="" src="/><img src=url404 onerror=xss(9)>">',
'<noscript/><img src=url404 onerror=xss(10)>',
'<noembed><noembed/><img src=url404 onerror=xss(11)>',
'<option><style></option></select><img src=url404 onerror=xss(12)></style>'
], function(htmlString, index) {
var element = jqLite('<div></div>');
container.append(element);
element.append(jqLite(htmlString));
window.setTimeout(function() {
expect(window.xss).not.toHaveBeenCalledWith(index);
donePartial();
}, 1000);
});
});
it('should allow to restore legacy insecure behavior', function() {
// jQuery doesn't have this API.
if (!_jqLiteMode) return;
// eslint-disable-next-line new-cap
angular.UNSAFE_restoreLegacyJqLiteXHTMLReplacement();
var elem = jqLite('<div/><span/>');
expect(elem.length).toBe(2);
expect(elem[0].nodeName.toLowerCase()).toBe('div');
expect(elem[1].nodeName.toLowerCase()).toBe('span');
});
});
});
describe('_data', function() {
+25 -25
View File
@@ -151,30 +151,30 @@ describe('$compile', function() {
describe('configuration', function() {
it('should use $$sanitizeUriProvider for reconfiguration of the `aHrefSanitizationTrustedUrlList`', function() {
it('should use $$sanitizeUriProvider for reconfiguration of the `aHrefSanitizationWhitelist`', function() {
module(function($compileProvider, $$sanitizeUriProvider) {
var newRe = /safe:/, returnVal;
expect($compileProvider.aHrefSanitizationTrustedUrlList()).toBe($$sanitizeUriProvider.aHrefSanitizationTrustedUrlList());
returnVal = $compileProvider.aHrefSanitizationTrustedUrlList(newRe);
expect($compileProvider.aHrefSanitizationWhitelist()).toBe($$sanitizeUriProvider.aHrefSanitizationWhitelist());
returnVal = $compileProvider.aHrefSanitizationWhitelist(newRe);
expect(returnVal).toBe($compileProvider);
expect($$sanitizeUriProvider.aHrefSanitizationTrustedUrlList()).toBe(newRe);
expect($compileProvider.aHrefSanitizationTrustedUrlList()).toBe(newRe);
expect($$sanitizeUriProvider.aHrefSanitizationWhitelist()).toBe(newRe);
expect($compileProvider.aHrefSanitizationWhitelist()).toBe(newRe);
});
inject(function() {
// needed to the module definition above is run...
});
});
it('should use $$sanitizeUriProvider for reconfiguration of the `imgSrcSanitizationTrustedUrlList`', function() {
it('should use $$sanitizeUriProvider for reconfiguration of the `imgSrcSanitizationWhitelist`', function() {
module(function($compileProvider, $$sanitizeUriProvider) {
var newRe = /safe:/, returnVal;
expect($compileProvider.imgSrcSanitizationTrustedUrlList()).toBe($$sanitizeUriProvider.imgSrcSanitizationTrustedUrlList());
returnVal = $compileProvider.imgSrcSanitizationTrustedUrlList(newRe);
expect($compileProvider.imgSrcSanitizationWhitelist()).toBe($$sanitizeUriProvider.imgSrcSanitizationWhitelist());
returnVal = $compileProvider.imgSrcSanitizationWhitelist(newRe);
expect(returnVal).toBe($compileProvider);
expect($$sanitizeUriProvider.imgSrcSanitizationTrustedUrlList()).toBe(newRe);
expect($compileProvider.imgSrcSanitizationTrustedUrlList()).toBe(newRe);
expect($$sanitizeUriProvider.imgSrcSanitizationWhitelist()).toBe(newRe);
expect($compileProvider.imgSrcSanitizationWhitelist()).toBe(newRe);
});
inject(function() {
// needed to the module definition above is run...
@@ -11334,9 +11334,9 @@ describe('$compile', function() {
// IE9 rejects the `video` / `audio` tags with "Error: Not implemented"
if (msie !== 9 || tag === 'img') {
describe(tag + '[src] context requirement', function() {
it('should NOT require trusted values for trusted URIs', inject(function($rootScope, $compile) {
it('should NOT require trusted values for whitelisted URIs', inject(function($rootScope, $compile) {
element = $compile('<' + tag + ' src="{{testUrl}}"></' + tag + '>')($rootScope);
$rootScope.testUrl = 'http://example.com/image.mp4'; // `http` is trusted
$rootScope.testUrl = 'http://example.com/image.mp4'; // `http` is whitelisted
$rootScope.$digest();
expect(element.attr('src')).toEqual('http://example.com/image.mp4');
}));
@@ -11372,9 +11372,9 @@ describe('$compile', function() {
if (msie !== 9) {
['source', 'track'].forEach(function(tag) {
describe(tag + '[src]', function() {
it('should NOT require trusted values for trusted URIs', inject(function($rootScope, $compile) {
it('should NOT require trusted values for whitelisted URIs', inject(function($rootScope, $compile) {
element = $compile('<video><' + tag + ' src="{{testUrl}}"></' + tag + '></video>')($rootScope);
$rootScope.testUrl = 'http://example.com/image.mp4'; // `http` is trusted
$rootScope.testUrl = 'http://example.com/image.mp4'; // `http` is whitelisted
$rootScope.$digest();
expect(element.find(tag).attr('src')).toEqual('http://example.com/image.mp4');
}));
@@ -11509,14 +11509,14 @@ describe('$compile', function() {
});
});
it('should NOT require trusted values for trusted URI values', inject(function($rootScope, $compile, $sce) {
it('should NOT require trusted values for whitelisted values', inject(function($rootScope, $compile, $sce) {
element = $compile('<img srcset="{{testUrl}}"></img>')($rootScope);
$rootScope.testUrl = 'http://example.com/image.png'; // `http` is trusted
$rootScope.testUrl = 'http://example.com/image.png'; // `http` is whitelisted
$rootScope.$digest();
expect(element.attr('srcset')).toEqual('http://example.com/image.png');
}));
it('should accept trusted values, if they are also trusted URIs', inject(function($rootScope, $compile, $sce) {
it('should accept trusted values, if they are also whitelisted', inject(function($rootScope, $compile, $sce) {
element = $compile('<img srcset="{{testUrl}}"></img>')($rootScope);
$rootScope.testUrl = $sce.trustAsUrl('http://example.com');
$rootScope.$digest();
@@ -11602,8 +11602,8 @@ describe('$compile', function() {
});
describe('a[href] sanitization', function() {
it('should NOT require trusted values for trusted URI values', inject(function($rootScope, $compile) {
$rootScope.testUrl = 'http://example.com/image.png'; // `http` is trusted
it('should NOT require trusted values for whitelisted values', inject(function($rootScope, $compile) {
$rootScope.testUrl = 'http://example.com/image.png'; // `http` is whitelisted
element = $compile('<a href="{{testUrl}}"></a>')($rootScope);
$rootScope.$digest();
expect(element.attr('href')).toEqual('http://example.com/image.png');
@@ -11613,8 +11613,8 @@ describe('$compile', function() {
expect(element.attr('ng-href')).toEqual('http://example.com/image.png');
}));
it('should accept trusted values for non-trusted URI values', inject(function($rootScope, $compile, $sce) {
$rootScope.testUrl = $sce.trustAsUrl('javascript:foo()'); // `javascript` is not trusted
it('should accept trusted values for non-whitelisted values', inject(function($rootScope, $compile, $sce) {
$rootScope.testUrl = $sce.trustAsUrl('javascript:foo()'); // `javascript` is not whitelisted
element = $compile('<a href="{{testUrl}}"></a>')($rootScope);
$rootScope.$digest();
expect(element.attr('href')).toEqual('javascript:foo()');
@@ -11624,8 +11624,8 @@ describe('$compile', function() {
expect(element.attr('ng-href')).toEqual('javascript:foo()');
}));
it('should sanitize non-trusted values', inject(function($rootScope, $compile) {
$rootScope.testUrl = 'javascript:foo()'; // `javascript` is not trusted
it('should sanitize non-whitelisted values', inject(function($rootScope, $compile) {
$rootScope.testUrl = 'javascript:foo()'; // `javascript` is not whitelisted
element = $compile('<a href="{{testUrl}}"></a>')($rootScope);
$rootScope.$digest();
expect(element.attr('href')).toEqual('unsafe:javascript:foo()');
@@ -11678,7 +11678,7 @@ describe('$compile', function() {
$provide.value('$$sanitizeUri', $$sanitizeUri);
});
inject(function($compile, $rootScope) {
// This URL would fail the RESOURCE_URL trusted list, but that test shouldn't be run
// This URL would fail the RESOURCE_URL whitelist, but that test shouldn't be run
// because these interpolations will be resolved against the URL context instead
$rootScope.testUrl = 'https://bad.example.org';
@@ -11700,7 +11700,7 @@ describe('$compile', function() {
$provide.value('$$sanitizeUri', $$sanitizeUri);
});
inject(function($compile, $rootScope) {
// This URL would fail the RESOURCE_URL trusted list, but that test shouldn't be run
// This URL would fail the RESOURCE_URL whitelist, but that test shouldn't be run
// because these interpolations will be resolved against the URL context instead
$rootScope.testUrl = 'https://bad.example.org';
+24 -24
View File
@@ -1271,10 +1271,10 @@ describe('input', function() {
var inputElm = helper.compileInput('<input type="datetime-local" ng-model="breakMe"/>');
$rootScope.$apply(function() {
$rootScope.breakMe = new Date(2009, 0, 6, 16, 25, 1, 337);
$rootScope.breakMe = new Date(2009, 0, 6, 16, 25, 0);
});
expect(inputElm.val()).toBe('2009-01-06T16:25:01.337');
expect(inputElm.val()).toBe('2009-01-06T16:25:00.000');
//set to text for browsers with datetime-local validation.
inputElm[0].setAttribute('type', 'text');
@@ -1324,32 +1324,32 @@ describe('input', function() {
it('should use UTC if specified in the options', function() {
var inputElm = helper.compileInput('<input type="datetime-local" ng-model="value" ng-model-options="{timezone: \'UTC\'}" />');
helper.changeInputValueTo('2000-01-01T01:02:03.456');
expect(+$rootScope.value).toBe(Date.UTC(2000, 0, 1, 1, 2, 3, 456));
helper.changeInputValueTo('2000-01-01T01:02');
expect(+$rootScope.value).toBe(Date.UTC(2000, 0, 1, 1, 2, 0));
$rootScope.$apply(function() {
$rootScope.value = new Date(Date.UTC(2001, 0, 1, 1, 2, 3, 456));
$rootScope.value = new Date(Date.UTC(2001, 0, 1, 1, 2, 0));
});
expect(inputElm.val()).toBe('2001-01-01T01:02:03.456');
expect(inputElm.val()).toBe('2001-01-01T01:02:00.000');
});
it('should be possible to override the timezone', function() {
var inputElm = helper.compileInput('<input type="datetime-local" ng-model="value" ng-model-options="{timezone: \'UTC\'}" />');
helper.changeInputValueTo('2000-01-01T01:02:03.456');
expect(+$rootScope.value).toBe(Date.UTC(2000, 0, 1, 1, 2, 3, 456));
helper.changeInputValueTo('2000-01-01T01:02');
expect(+$rootScope.value).toBe(Date.UTC(2000, 0, 1, 1, 2, 0));
inputElm.controller('ngModel').$overrideModelOptions({timezone: '+0500'});
$rootScope.$apply(function() {
$rootScope.value = new Date(Date.UTC(2001, 0, 1, 1, 2, 3, 456));
$rootScope.value = new Date(Date.UTC(2001, 0, 1, 1, 2, 0));
});
expect(inputElm.val()).toBe('2001-01-01T06:02:03.456');
expect(inputElm.val()).toBe('2001-01-01T06:02:00.000');
inputElm.controller('ngModel').$overrideModelOptions({timezone: 'UTC'});
helper.changeInputValueTo('2000-01-01T01:02:03.456');
expect(+$rootScope.value).toBe(Date.UTC(2000, 0, 1, 1, 2, 3, 456));
helper.changeInputValueTo('2000-01-01T01:02');
expect(+$rootScope.value).toBe(Date.UTC(2000, 0, 1, 1, 2, 0));
});
@@ -1360,13 +1360,13 @@ describe('input', function() {
var inputElm = helper.compileInput(
'<input type="datetime-local" ng-model="value" ng-model-options="' + ngModelOptions + '" />');
helper.changeInputValueTo('2000-01-01T06:02:03.456');
expect(+$rootScope.value).toBe(Date.UTC(2000, 0, 1, 1, 2, 3, 456));
helper.changeInputValueTo('2000-01-01T06:02');
expect(+$rootScope.value).toBe(Date.UTC(2000, 0, 1, 1, 2, 0));
$rootScope.$apply(function() {
$rootScope.value = new Date(Date.UTC(2001, 0, 1, 1, 2, 3, 456));
$rootScope.value = new Date(Date.UTC(2001, 0, 1, 1, 2, 0));
});
expect(inputElm.val()).toBe('2001-01-01T06:02:03.456');
expect(inputElm.val()).toBe('2001-01-01T06:02:00.000');
}
);
@@ -1401,13 +1401,13 @@ describe('input', function() {
it('should allow to specify the seconds', function() {
var inputElm = helper.compileInput('<input type="datetime-local" ng-model="value"" />');
helper.changeInputValueTo('2000-01-01T01:02:03.456');
expect(+$rootScope.value).toBe(+new Date(2000, 0, 1, 1, 2, 3, 456));
helper.changeInputValueTo('2000-01-01T01:02:03');
expect(+$rootScope.value).toBe(+new Date(2000, 0, 1, 1, 2, 3));
$rootScope.$apply(function() {
$rootScope.value = new Date(2001, 0, 1, 1, 2, 3, 456);
$rootScope.value = new Date(2001, 0, 1, 1, 2, 3);
});
expect(inputElm.val()).toBe('2001-01-01T01:02:03.456');
expect(inputElm.val()).toBe('2001-01-01T01:02:03.000');
});
@@ -1425,13 +1425,13 @@ describe('input', function() {
it('should allow four or more digits in year', function() {
var inputElm = helper.compileInput('<input type="datetime-local" ng-model="value" />');
helper.changeInputValueTo('10123-01-01T01:02:03.456');
expect(+$rootScope.value).toBe(+new Date(10123, 0, 1, 1, 2, 3, 456));
helper.changeInputValueTo('10123-01-01T01:02');
expect(+$rootScope.value).toBe(+new Date(10123, 0, 1, 1, 2, 0));
$rootScope.$apply(function() {
$rootScope.value = new Date(20456, 1, 1, 1, 2, 3, 456);
$rootScope.value = new Date(20456, 1, 1, 1, 2, 0);
});
expect(inputElm.val()).toBe('20456-02-01T01:02:03.456');
expect(inputElm.val()).toBe('20456-02-01T01:02:00.000');
}
);
}
+10 -10
View File
@@ -288,8 +288,8 @@ describe('$http', function() {
var $httpBackend, $http, $rootScope, $sce;
beforeEach(module(function($sceDelegateProvider) {
// Setup a special trusted url that we can use in testing JSONP requests
$sceDelegateProvider.trustedResourceUrlList(['http://special.trusted.resource.com/**']);
// Setup a special whitelisted url that we can use in testing JSONP requests
$sceDelegateProvider.resourceUrlWhitelist(['http://special.whitelisted.resource.com/**']);
}));
beforeEach(inject(['$httpBackend', '$http', '$rootScope', '$sce', function($hb, $h, $rs, $sc) {
@@ -2213,9 +2213,9 @@ describe('$http', function() {
var $httpBackend;
beforeEach(module(function($httpProvider) {
$httpProvider.xsrfTrustedOrigins.push(
'https://trusted.example.com',
'https://trusted2.example.com:1337/ignored/path');
$httpProvider.xsrfWhitelistedOrigins.push(
'https://whitelisted.example.com',
'https://whitelisted2.example.com:1337/ignored/path');
}));
beforeEach(inject(function(_$http_, _$httpBackend_) {
@@ -2312,8 +2312,8 @@ describe('$http', function() {
}
var requestUrls = [
'https://api.example.com/path',
'http://trusted.example.com',
'https://trusted2.example.com:1338'
'http://whitelisted.example.com',
'https://whitelisted2.example.com:1338'
];
mockedCookies['XSRF-TOKEN'] = 'secret';
@@ -2326,15 +2326,15 @@ describe('$http', function() {
});
it('should set an XSRF header for cross-domain requests to trusted origins',
it('should set an XSRF header for cross-domain requests to whitelisted origins',
inject(function($browser) {
function checkHeaders(headers) {
return headers['X-XSRF-TOKEN'] === 'secret';
}
var currentUrl = 'https://example.com/path';
var requestUrls = [
'https://trusted.example.com/path',
'https://trusted2.example.com:1337/path'
'https://whitelisted.example.com/path',
'https://whitelisted2.example.com:1337/path'
];
$browser.url(currentUrl);
+15 -15
View File
@@ -250,9 +250,9 @@ describe('ngProp*', function() {
// IE9 rejects the `video` / `audio` tags with "Error: Not implemented"
if (msie !== 9 || tag === 'img') {
describe(tag + '[src] context requirement', function() {
it('should NOT require trusted values for trusted URIs', inject(function($rootScope, $compile) {
it('should NOT require trusted values for whitelisted URIs', inject(function($rootScope, $compile) {
var element = $compile('<' + tag + ' ng-prop-src="testUrl"></' + tag + '>')($rootScope);
$rootScope.testUrl = 'http://example.com/image.mp4'; // `http` is trusted
$rootScope.testUrl = 'http://example.com/image.mp4'; // `http` is whitelisted
$rootScope.$digest();
expect(element.prop('src')).toEqual('http://example.com/image.mp4');
}));
@@ -279,7 +279,7 @@ describe('ngProp*', function() {
expect(element.prop('src')).toEqual('untrusted:foo()');
}));
it('should sanitize non-trusted values', inject(function($rootScope, $compile, $sce) {
it('should sanitize non-whitelisted values', inject(function($rootScope, $compile, $sce) {
// As a MEDIA_URL URL
var element = $compile('<' + tag + ' ng-prop-src="testUrl"></' + tag + '>')($rootScope);
// Some browsers complain if you try to write `javascript:` into an `img[src]`
@@ -308,9 +308,9 @@ describe('ngProp*', function() {
if (msie !== 9) {
['source', 'track'].forEach(function(tag) {
describe(tag + '[src]', function() {
it('should NOT require trusted values for trusted URIs', inject(function($rootScope, $compile) {
it('should NOT require trusted values for whitelisted URIs', inject(function($rootScope, $compile) {
var element = $compile('<video><' + tag + ' ng-prop-src="testUrl"></' + tag + '></video>')($rootScope);
$rootScope.testUrl = 'http://example.com/image.mp4'; // `http` is trusted
$rootScope.testUrl = 'http://example.com/image.mp4'; // `http` is whitelisted
$rootScope.$digest();
expect(element.find(tag).prop('src')).toEqual('http://example.com/image.mp4');
}));
@@ -335,7 +335,7 @@ describe('ngProp*', function() {
expect(element.find(tag).prop('src')).toEqual('javascript:foo()');
}));
it('should sanitize non-trusted values', inject(function($rootScope, $compile, $sce) {
it('should sanitize non-whitelisted values', inject(function($rootScope, $compile, $sce) {
var element = $compile('<video><' + tag + ' ng-prop-src="testUrl"></' + tag + '></video>')($rootScope);
$rootScope.testUrl = 'untrusted:foo()';
$rootScope.$digest();
@@ -412,14 +412,14 @@ describe('ngProp*', function() {
expect(element.prop('srcset')).toBe('');
}));
it('should NOT require trusted values for trusted URI values', inject(function($rootScope, $compile, $sce) {
it('should NOT require trusted values for whitelisted values', inject(function($rootScope, $compile, $sce) {
var element = $compile('<' + srcsetElement + ' ng-prop-srcset="testUrl"></' + srcsetElement + '>')($rootScope);
$rootScope.testUrl = 'http://example.com/image.png'; // `http` is trusted
$rootScope.testUrl = 'http://example.com/image.png'; // `http` is whitelisted
$rootScope.$digest();
expect(element.prop('srcset')).toEqual('http://example.com/image.png');
}));
it('should accept trusted values, if they are also trusted URIs', inject(function($rootScope, $compile, $sce) {
it('should accept trusted values, if they are also whitelisted', inject(function($rootScope, $compile, $sce) {
var element = $compile('<' + srcsetElement + ' ng-prop-srcset="testUrl"></' + srcsetElement + '>')($rootScope);
$rootScope.testUrl = $sce.trustAsUrl('http://example.com');
$rootScope.$digest();
@@ -506,8 +506,8 @@ describe('ngProp*', function() {
});
describe('a[href] sanitization', function() {
it('should NOT require trusted values for trusted URI values', inject(function($rootScope, $compile) {
$rootScope.testUrl = 'http://example.com/image.png'; // `http` is trusted
it('should NOT require trusted values for whitelisted values', inject(function($rootScope, $compile) {
$rootScope.testUrl = 'http://example.com/image.png'; // `http` is whitelisted
var element = $compile('<a ng-prop-href="testUrl"></a>')($rootScope);
$rootScope.$digest();
expect(element.prop('href')).toEqual('http://example.com/image.png');
@@ -517,8 +517,8 @@ describe('ngProp*', function() {
expect(element.prop('href')).toEqual('http://example.com/image.png');
}));
it('should accept trusted values for non-trusted URI values', inject(function($rootScope, $compile, $sce) {
$rootScope.testUrl = $sce.trustAsUrl('javascript:foo()'); // `javascript` is not trusted
it('should accept trusted values for non-whitelisted values', inject(function($rootScope, $compile, $sce) {
$rootScope.testUrl = $sce.trustAsUrl('javascript:foo()'); // `javascript` is not whitelisted
var element = $compile('<a ng-prop-href="testUrl"></a>')($rootScope);
$rootScope.$digest();
expect(element.prop('href')).toEqual('javascript:foo()');
@@ -528,8 +528,8 @@ describe('ngProp*', function() {
expect(element.prop('href')).toEqual('javascript:foo()');
}));
it('should sanitize non-trusted values', inject(function($rootScope, $compile) {
$rootScope.testUrl = 'javascript:foo()'; // `javascript` is not trusted
it('should sanitize non-whitelisted values', inject(function($rootScope, $compile) {
$rootScope.testUrl = 'javascript:foo()'; // `javascript` is not whitelisted
var element = $compile('<a ng-prop-href="testUrl"></a>')($rootScope);
$rootScope.$digest();
expect(element.prop('href')).toEqual('unsafe:javascript:foo()');

Some files were not shown because too many files have changed in this diff Show More