We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Current behavior url("...") and url('...') both get sanitized to unsafe after 15ae710
url("...")
url('...')
unsafe
Expected/desired behavior
url("unsafe:<src url - no quotes>")
Other information
url()
The text was updated successfully, but these errors were encountered:
test(security): test case for quoted URL values.
cccef3d
Test case that fixes angular#8701. This is already supported with the latest sanitizer changes, but it's good to have an explicit test case.
3295be3
5e12a95
02da77c
This issue has been automatically locked due to inactivity. Please file a new issue if you are encountering a similar or related problem.
Read more about our automatic conversation locking policy.
This action has been performed automatically by a bot.
Sorry, something went wrong.
mprobst
Successfully merging a pull request may close this issue.
Current behavior
url("...")
andurl('...')
both get sanitized tounsafe
after 15ae710Expected/desired behavior
url("unsafe:<src url - no quotes>")
to be consistentOther information
url()
value also allow for optional WS but they should be seldom used.The text was updated successfully, but these errors were encountered: