feat(): add option to html escape all values

In addition to fe94c1f the internal structure of escaping was replaced with a strategy pattern. That allows different kinds of sanitizing including standard html escaping.
angular-translate · Nov 24, 2013 · e042c44 · e042c44
1 parent a9c7db0
commit e042c44
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 19 deletions.
diff --git a/src/service/default-interpolation.js b/src/service/default-interpolation.js
@@ -13,18 +13,30 @@ angular.module('pascalprecht.translate').factory('$translateDefaultInterpolation
   var $translateInterpolator = {},
       $locale,
       $identifier = 'default',
-      $useSanitizedValues = false;
-
-  var sanitizeParams = function (params) {
-        var result = {};
-        for (var key in params) {
-          if (params.hasOwnProperty(key)) {
-            result[key] = angular.element('<div></div>').text(params[key]).html();
+      $sanitizeValueStrategy = null,
+      // map of all sanitize strategies
+      sanitizeValueStrategies = {
+        escaped: function (params) {
+          var result = {};
+          for (var key in params) {
+            if (params.hasOwnProperty(key)) {
+              result[key] = angular.element('<div></div>').text(params[key]).html();
+            }
           }
+          return result;
         }
-        return result;
       };
 
+  var sanitizeParams = function (params) {
+    var result;
+    if (typeof sanitizeValueStrategies[$sanitizeValueStrategy] === 'function') {
+      result = sanitizeValueStrategies[$sanitizeValueStrategy](params);
+    } else {
+      result = params;
+    }
+    return result;
+  };
+
   /**
    * @ngdoc function
    * @name pascalprecht.translate.$translateDefaultInterpolation#setLocale
@@ -53,8 +65,8 @@ angular.module('pascalprecht.translate').factory('$translateDefaultInterpolation
     return $identifier;
   };
 
-  $translateInterpolator.useSanitizedValues = function (value) {
-    $useSanitizedValues = (value === true);
+  $translateInterpolator.useSanitizeValueStrategy = function (value) {
+    $sanitizeValueStrategy = value;
     return this;
   };
 
@@ -70,7 +82,7 @@ angular.module('pascalprecht.translate').factory('$translateDefaultInterpolation
    * @returns {string} interpolated string.
    */
   $translateInterpolator.interpolate = function (string, interpolateParams) {
-    if ($useSanitizedValues) {
+    if ($sanitizeValueStrategy) {
       interpolateParams = sanitizeParams(interpolateParams);
     }
     return $interpolate(string)(interpolateParams);

diff --git a/src/service/translate.js b/src/service/translate.js
@@ -20,7 +20,7 @@ angular.module('pascalprecht.translate').provider('$translate', ['$STORAGE_KEY',
       $missingTranslationHandlerFactory,
       $interpolationFactory,
       $interpolatorFactories = [],
-      $interpolationSanitization = false,
+      $interpolationSanitizationStrategy = false,
       $loaderFactory,
       $loaderOptions,
       $notFoundIndicatorLeft,
@@ -175,8 +175,8 @@ angular.module('pascalprecht.translate').provider('$translate', ['$STORAGE_KEY',
     return this;
   };
 
-  this.useSanitizedValues = function (value) {
-    $interpolationSanitization = value;
+  this.useSanitizeValueStrategy = function (value) {
+    $interpolationSanitizationStrategy = value;
     return this;
   };
 
@@ -573,8 +573,8 @@ angular.module('pascalprecht.translate').provider('$translate', ['$STORAGE_KEY',
       }
 
       // apply additional settings
-      if (typeof defaultInterpolator.useSanitizedValues === 'function') {
-        defaultInterpolator.useSanitizedValues($interpolationSanitization);
+      if (typeof defaultInterpolator.useSanitizeValueStrategy === 'function') {
+        defaultInterpolator.useSanitizeValueStrategy($interpolationSanitizationStrategy);
       }
 
       // if we have additional interpolations that were added via
@@ -587,8 +587,8 @@ angular.module('pascalprecht.translate').provider('$translate', ['$STORAGE_KEY',
           // setting initial locale for each interpolation service
           interpolator.setLocale($preferredLanguage || $uses);
           // apply additional settings
-          if (typeof interpolator.useSanitizedValues === 'function') {
-            interpolator.useSanitizedValues($interpolationSanitization);
+          if (typeof interpolator.useSanitizeValueStrategy === 'function') {
+            interpolator.useSanitizeValueStrategy($interpolationSanitizationStrategy);
           }
           // make'em recognizable through id
           interpolatorHashMap[interpolator.getInterpolationIdentifier()] = interpolator;

diff --git a/test/unit/directive/translate.spec.js b/test/unit/directive/translate.spec.js
@@ -465,7 +465,7 @@ describe('pascalprecht.translate', function () {
       });
 
       $translateProvider.preferredLanguage('en');
-      $translateProvider.useSanitizedValues(true);
+      $translateProvider.useSanitizeValueStrategy('escaped');
     }));
 
     beforeEach(inject(function (_$rootScope_, _$compile_) {