X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fresources%2FMETA-INF%2Fresources%2Fdesigner%2Flib%2Fangular-sanitize.js;h=65f4719171f2f778c14182cab0f2c295dd26d82f;hb=ea5b0b5b35ddee80a07bef4af391387ed348658b;hp=2a28206d7d60324e6c91ebefd831cf86d9df40b3;hpb=5e9feb2a8e360b82dc2b6e4145e0fd847d2924ce;p=clamp.git diff --git a/src/main/resources/META-INF/resources/designer/lib/angular-sanitize.js b/src/main/resources/META-INF/resources/designer/lib/angular-sanitize.js index 2a28206d..65f47191 100644 --- a/src/main/resources/META-INF/resources/designer/lib/angular-sanitize.js +++ b/src/main/resources/META-INF/resources/designer/lib/angular-sanitize.js @@ -1,5 +1,5 @@ /** - * @license AngularJS v1.2.16 + * @license AngularJS v1.2.32 * (c) 2010-2014 Google, Inc. http://angularjs.org * License: MIT */ @@ -42,7 +42,7 @@ var $sanitizeMinErr = angular.$$minErr('$sanitize'); /** * @ngdoc service * @name $sanitize - * @function + * @kind function * * @description * The input is sanitized by parsing the html into tokens. All safe tokens (from a whitelist) are @@ -57,20 +57,21 @@ var $sanitizeMinErr = angular.$$minErr('$sanitize'); * @returns {string} Sanitized html. * * @example - + -
+
Snippet: @@ -158,14 +159,15 @@ function sanitizeText(chars) { // Regular Expressions for parsing tags and attributes var START_TAG_REGEXP = - /^<\s*([\w:-]+)((?:\s+[\w:-]+(?:\s*=\s*(?:(?:"[^"]*")|(?:'[^']*')|[^>\s]+))?)*)\s*(\/?)\s*>/, - END_TAG_REGEXP = /^<\s*\/\s*([\w:-]+)[^>]*>/, + /^<((?:[a-zA-Z])[\w:-]*)((?:\s+[\w:-]+(?:\s*=\s*(?:(?:"[^"]*")|(?:'[^']*')|[^>\s]+))?)*)\s*(\/?)\s*(>?)/, + END_TAG_REGEXP = /^<\/\s*([\w:-]+)[^>]*>/, ATTR_REGEXP = /([\w:-]+)(?:\s*=\s*(?:(?:"((?:[^"])*)")|(?:'((?:[^'])*)')|([^>\s]+)))?/g, BEGIN_TAG_REGEXP = /^/g, DOCTYPE_REGEXP = /]*?)>/i, CDATA_REGEXP = //g, + SURROGATE_PAIR_REGEXP = /[\uD800-\uDBFF][\uDC00-\uDFFF]/g, // Match everything outside of normal chars and " (quote character) NON_ALPHANUMERIC_REGEXP = /([^\#-~| |!])/g; @@ -207,7 +209,7 @@ var validElements = angular.extend({}, optionalEndTagElements); //Attributes that have href and hence need to be sanitized -var uriAttrs = makeMap("background,cite,href,longdesc,src,usemap"); +var uriAttrs = makeMap("background,cite,href,longdesc,src"); var validAttrs = angular.extend({}, uriAttrs, makeMap( 'abbr,align,alt,axis,bgcolor,border,cellpadding,cellspacing,class,clear,'+ 'color,cols,colspan,compact,coords,dir,face,headers,height,hreflang,hspace,'+ @@ -235,10 +237,18 @@ function makeMap(str) { * @param {object} handler */ function htmlParser( html, handler ) { - var index, chars, match, stack = [], last = html; + if (typeof html !== 'string') { + if (html === null || typeof html === 'undefined') { + html = ''; + } else { + html = '' + html; + } + } + var index, chars, match, stack = [], last = html, text; stack.last = function() { return stack[ stack.length - 1 ]; }; while ( html ) { + text = ''; chars = true; // Make sure we're not in a script or style element @@ -277,16 +287,23 @@ function htmlParser( html, handler ) { match = html.match( START_TAG_REGEXP ); if ( match ) { - html = html.substring( match[0].length ); - match[0].replace( START_TAG_REGEXP, parseStartTag ); + // We only have a valid start-tag if there is a '>'. + if ( match[4] ) { + html = html.substring( match[0].length ); + match[0].replace( START_TAG_REGEXP, parseStartTag ); + } chars = false; + } else { + // no ending tag found --- this piece should be encoded as an entity. + text += '<'; + html = html.substring(1); } } if ( chars ) { index = html.indexOf("<"); - var text = index < 0 ? html : html.substring( 0, index ); + text += index < 0 ? html : html.substring( 0, index ); html = index < 0 ? "" : html.substring( index ); if (handler.chars) handler.chars( decodeEntities(text) ); @@ -404,6 +421,11 @@ function decodeEntities(value) { function encodeEntities(value) { return value. replace(/&/g, '&'). + replace(SURROGATE_PAIR_REGEXP, function (value) { + var hi = value.charCodeAt(0); + var low = value.charCodeAt(1); + return '&#' + (((hi - 0xD800) * 0x400) + (low - 0xDC00) + 0x10000) + ';'; + }). replace(NON_ALPHANUMERIC_REGEXP, function(value){ return '&#' + value.charCodeAt(0) + ';'; }). @@ -476,7 +498,7 @@ angular.module('ngSanitize', []).provider('$sanitize', $SanitizeProvider); /** * @ngdoc filter * @name linky - * @function + * @kind function * * @description * Finds links in text input and turns them into html links. Supports http/https/ftp/mailto and @@ -492,20 +514,21 @@ angular.module('ngSanitize', []).provider('$sanitize', $SanitizeProvider); * * @example - + -
+
Snippet:
@@ -574,7 +597,7 @@ angular.module('ngSanitize', []).provider('$sanitize', $SanitizeProvider); */ angular.module('ngSanitize').filter('linky', ['$sanitize', function($sanitize) { var LINKY_URL_REGEXP = - /((ftp|https?):\/\/|(mailto:)?[A-Za-z0-9._%+-]+@)\S*[^\s.;,(){}<>]/, + /((ftp|https?):\/\/|(mailto:)?[A-Za-z0-9._%+-]+@)\S*[^\s.;,(){}<>"]/, MAILTO_REGEXP = /^mailto:/; return function(text, target) { @@ -611,9 +634,9 @@ angular.module('ngSanitize').filter('linky', ['$sanitize', function($sanitize) { html.push(target); html.push('" '); } - html.push('href="'); - html.push(url); - html.push('">'); + html.push('href="', + url.replace('"', '"'), + '">'); addText(text); html.push(''); } @@ -621,4 +644,4 @@ angular.module('ngSanitize').filter('linky', ['$sanitize', function($sanitize) { }]); -})(window, window.angular); \ No newline at end of file +})(window, window.angular);