angular-gem 1.2.2 → 1.2.3

Sign up to get free protection for your applications and to get access to all the features.
@@ -1,6 +1,6 @@
1
1
  /**
2
- * @license AngularJS v1.2.2
3
- * (c) 2010-2012 Google, Inc. http://angularjs.org
2
+ * @license AngularJS v1.2.3
3
+ * (c) 2010-2014 Google, Inc. http://angularjs.org
4
4
  * License: MIT
5
5
  */
6
6
  (function(window, document, undefined) {'use strict';
@@ -68,7 +68,7 @@ function minErr(module) {
68
68
  return match;
69
69
  });
70
70
 
71
- message = message + '\nhttp://errors.angularjs.org/1.2.2/' +
71
+ message = message + '\nhttp://errors.angularjs.org/1.2.3/' +
72
72
  (module ? module + '/' : '') + code;
73
73
  for (i = 2; i < arguments.length; i++) {
74
74
  message = message + (i == 2 ? '?' : '&') + 'p' + (i-2) + '=' +
@@ -623,7 +623,7 @@ var trim = (function() {
623
623
  // TODO: we should move this into IE/ES5 polyfill
624
624
  if (!String.prototype.trim) {
625
625
  return function(value) {
626
- return isString(value) ? value.replace(/^\s*/, '').replace(/\s*$/, '') : value;
626
+ return isString(value) ? value.replace(/^\s\s*/, '').replace(/\s\s*$/, '') : value;
627
627
  };
628
628
  }
629
629
  return function(value) {
@@ -1802,6 +1802,7 @@ function setupModuleLoader(window) {
1802
1802
  $ParseProvider,
1803
1803
  $RootScopeProvider,
1804
1804
  $QProvider,
1805
+ $$SanitizeUriProvider,
1805
1806
  $SceProvider,
1806
1807
  $SceDelegateProvider,
1807
1808
  $SnifferProvider,
@@ -1825,11 +1826,11 @@ function setupModuleLoader(window) {
1825
1826
  * - `codeName` – `{string}` – Code name of the release, such as "jiggling-armfat".
1826
1827
  */
1827
1828
  var version = {
1828
- full: '1.2.2', // all of these placeholder strings will be replaced by grunt's
1829
+ full: '1.2.3', // all of these placeholder strings will be replaced by grunt's
1829
1830
  major: 1, // package task
1830
1831
  minor: 2,
1831
- dot: 2,
1832
- codeName: 'consciousness-inertia'
1832
+ dot: 3,
1833
+ codeName: 'unicorn-zapper'
1833
1834
  };
1834
1835
 
1835
1836
 
@@ -1873,6 +1874,10 @@ function publishExternalAPI(angular){
1873
1874
 
1874
1875
  angularModule('ng', ['ngLocale'], ['$provide',
1875
1876
  function ngModule($provide) {
1877
+ // $$sanitizeUriProvider needs to be before $compileProvider as it is used by it.
1878
+ $provide.provider({
1879
+ $$sanitizeUri: $$SanitizeUriProvider
1880
+ });
1876
1881
  $provide.provider('$compile', $CompileProvider).
1877
1882
  directive({
1878
1883
  a: htmlAnchorDirective,
@@ -4889,7 +4894,7 @@ function $TemplateCacheProvider() {
4889
4894
  * </div>
4890
4895
  *
4891
4896
  * <div class="alert alert-error">
4892
- * **Note:** The `transclude` function that is passed to the compile function is deperecated, as it
4897
+ * **Note:** The `transclude` function that is passed to the compile function is deprecated, as it
4893
4898
  * e.g. does not know about the right outer scope. Please use the transclude function that is passed
4894
4899
  * to the link function instead.
4895
4900
  * </div>
@@ -5099,14 +5104,12 @@ var $compileMinErr = minErr('$compile');
5099
5104
  *
5100
5105
  * @description
5101
5106
  */
5102
- $CompileProvider.$inject = ['$provide'];
5103
- function $CompileProvider($provide) {
5107
+ $CompileProvider.$inject = ['$provide', '$$sanitizeUriProvider'];
5108
+ function $CompileProvider($provide, $$sanitizeUriProvider) {
5104
5109
  var hasDirectives = {},
5105
5110
  Suffix = 'Directive',
5106
5111
  COMMENT_DIRECTIVE_REGEXP = /^\s*directive\:\s*([\d\w\-_]+)\s+(.*)$/,
5107
- CLASS_DIRECTIVE_REGEXP = /(([\d\w\-_]+)(?:\:([^;]+))?;?)/,
5108
- aHrefSanitizationWhitelist = /^\s*(https?|ftp|mailto|tel|file):/,
5109
- imgSrcSanitizationWhitelist = /^\s*(https?|ftp|file):|data:image\//;
5112
+ CLASS_DIRECTIVE_REGEXP = /(([\d\w\-_]+)(?:\:([^;]+))?;?)/;
5110
5113
 
5111
5114
  // Ref: http://developers.whatwg.org/webappapis.html#event-handler-idl-attributes
5112
5115
  // The assumption is that future DOM event attribute names will begin with
@@ -5190,10 +5193,11 @@ function $CompileProvider($provide) {
5190
5193
  */
5191
5194
  this.aHrefSanitizationWhitelist = function(regexp) {
5192
5195
  if (isDefined(regexp)) {
5193
- aHrefSanitizationWhitelist = regexp;
5196
+ $$sanitizeUriProvider.aHrefSanitizationWhitelist(regexp);
5194
5197
  return this;
5198
+ } else {
5199
+ return $$sanitizeUriProvider.aHrefSanitizationWhitelist();
5195
5200
  }
5196
- return aHrefSanitizationWhitelist;
5197
5201
  };
5198
5202
 
5199
5203
 
@@ -5220,18 +5224,18 @@ function $CompileProvider($provide) {
5220
5224
  */
5221
5225
  this.imgSrcSanitizationWhitelist = function(regexp) {
5222
5226
  if (isDefined(regexp)) {
5223
- imgSrcSanitizationWhitelist = regexp;
5227
+ $$sanitizeUriProvider.imgSrcSanitizationWhitelist(regexp);
5224
5228
  return this;
5229
+ } else {
5230
+ return $$sanitizeUriProvider.imgSrcSanitizationWhitelist();
5225
5231
  }
5226
- return imgSrcSanitizationWhitelist;
5227
5232
  };
5228
5233
 
5229
-
5230
5234
  this.$get = [
5231
5235
  '$injector', '$interpolate', '$exceptionHandler', '$http', '$templateCache', '$parse',
5232
- '$controller', '$rootScope', '$document', '$sce', '$animate',
5236
+ '$controller', '$rootScope', '$document', '$sce', '$animate', '$$sanitizeUri',
5233
5237
  function($injector, $interpolate, $exceptionHandler, $http, $templateCache, $parse,
5234
- $controller, $rootScope, $document, $sce, $animate) {
5238
+ $controller, $rootScope, $document, $sce, $animate, $$sanitizeUri) {
5235
5239
 
5236
5240
  var Attributes = function(element, attr) {
5237
5241
  this.$$element = element;
@@ -5336,16 +5340,7 @@ function $CompileProvider($provide) {
5336
5340
  // sanitize a[href] and img[src] values
5337
5341
  if ((nodeName === 'A' && key === 'href') ||
5338
5342
  (nodeName === 'IMG' && key === 'src')) {
5339
- // NOTE: urlResolve() doesn't support IE < 8 so we don't sanitize for that case.
5340
- if (!msie || msie >= 8 ) {
5341
- normalizedVal = urlResolve(value).href;
5342
- if (normalizedVal !== '') {
5343
- if ((key === 'href' && !normalizedVal.match(aHrefSanitizationWhitelist)) ||
5344
- (key === 'src' && !normalizedVal.match(imgSrcSanitizationWhitelist))) {
5345
- this[key] = value = 'unsafe:' + normalizedVal;
5346
- }
5347
- }
5348
- }
5343
+ this[key] = value = $$sanitizeUri(value, key === 'src');
5349
5344
  }
5350
5345
 
5351
5346
  if (writeAttr !== false) {
@@ -7818,12 +7813,11 @@ var XHR = window.XMLHttpRequest || function() {
7818
7813
  */
7819
7814
  function $HttpBackendProvider() {
7820
7815
  this.$get = ['$browser', '$window', '$document', function($browser, $window, $document) {
7821
- return createHttpBackend($browser, XHR, $browser.defer, $window.angular.callbacks,
7822
- $document[0], $window.location.protocol.replace(':', ''));
7816
+ return createHttpBackend($browser, XHR, $browser.defer, $window.angular.callbacks, $document[0]);
7823
7817
  }];
7824
7818
  }
7825
7819
 
7826
- function createHttpBackend($browser, XHR, $browserDefer, callbacks, rawDocument, locationProtocol) {
7820
+ function createHttpBackend($browser, XHR, $browserDefer, callbacks, rawDocument) {
7827
7821
  var ABORTED = -1;
7828
7822
 
7829
7823
  // TODO(vojta): fix the signature
@@ -7903,14 +7897,14 @@ function createHttpBackend($browser, XHR, $browserDefer, callbacks, rawDocument,
7903
7897
  }
7904
7898
 
7905
7899
  function completeRequest(callback, status, response, headersString) {
7906
- var protocol = locationProtocol || urlResolve(url).protocol;
7900
+ var protocol = urlResolve(url).protocol;
7907
7901
 
7908
7902
  // cancel timeout and subsequent timeout promise resolution
7909
7903
  timeoutId && $browserDefer.cancel(timeoutId);
7910
7904
  jsonpDone = xhr = null;
7911
7905
 
7912
7906
  // fix status code for file protocol (it's always 0)
7913
- status = (protocol == 'file') ? (response ? 200 : 404) : status;
7907
+ status = (protocol == 'file' && status === 0) ? (response ? 200 : 404) : status;
7914
7908
 
7915
7909
  // normalize IE bug (http://bugs.jquery.com/ticket/1450)
7916
7910
  status = status == 1223 ? 204 : status;
@@ -8530,7 +8524,47 @@ function LocationHashbangUrl(appBase, hashPrefix) {
8530
8524
  hashPrefix);
8531
8525
  }
8532
8526
  parseAppUrl(withoutHashUrl, this, appBase);
8527
+
8528
+ this.$$path = removeWindowsDriveName(this.$$path, withoutHashUrl, appBase);
8529
+
8533
8530
  this.$$compose();
8531
+
8532
+ /*
8533
+ * In Windows, on an anchor node on documents loaded from
8534
+ * the filesystem, the browser will return a pathname
8535
+ * prefixed with the drive name ('/C:/path') when a
8536
+ * pathname without a drive is set:
8537
+ * * a.setAttribute('href', '/foo')
8538
+ * * a.pathname === '/C:/foo' //true
8539
+ *
8540
+ * Inside of Angular, we're always using pathnames that
8541
+ * do not include drive names for routing.
8542
+ */
8543
+ function removeWindowsDriveName (path, url, base) {
8544
+ /*
8545
+ Matches paths for file protocol on windows,
8546
+ such as /C:/foo/bar, and captures only /foo/bar.
8547
+ */
8548
+ var windowsFilePathExp = /^\/?.*?:(\/.*)/;
8549
+
8550
+ var firstPathSegmentMatch;
8551
+
8552
+ //Get the relative path from the input URL.
8553
+ if (url.indexOf(base) === 0) {
8554
+ url = url.replace(base, '');
8555
+ }
8556
+
8557
+ /*
8558
+ * The input URL intentionally contains a
8559
+ * first path segment that ends with a colon.
8560
+ */
8561
+ if (windowsFilePathExp.exec(url)) {
8562
+ return path;
8563
+ }
8564
+
8565
+ firstPathSegmentMatch = windowsFilePathExp.exec(path);
8566
+ return firstPathSegmentMatch ? firstPathSegmentMatch[1] : path;
8567
+ }
8534
8568
  };
8535
8569
 
8536
8570
  /**
@@ -11957,6 +11991,79 @@ function $RootScopeProvider(){
11957
11991
  }];
11958
11992
  }
11959
11993
 
11994
+ /**
11995
+ * @description
11996
+ * Private service to sanitize uris for links and images. Used by $compile and $sanitize.
11997
+ */
11998
+ function $$SanitizeUriProvider() {
11999
+ var aHrefSanitizationWhitelist = /^\s*(https?|ftp|mailto|tel|file):/,
12000
+ imgSrcSanitizationWhitelist = /^\s*(https?|ftp|file):|data:image\//;
12001
+
12002
+ /**
12003
+ * @description
12004
+ * Retrieves or overrides the default regular expression that is used for whitelisting of safe
12005
+ * urls during a[href] sanitization.
12006
+ *
12007
+ * The sanitization is a security measure aimed at prevent XSS attacks via html links.
12008
+ *
12009
+ * Any url about to be assigned to a[href] via data-binding is first normalized and turned into
12010
+ * an absolute url. Afterwards, the url is matched against the `aHrefSanitizationWhitelist`
12011
+ * regular expression. If a match is found, the original url is written into the dom. Otherwise,
12012
+ * the absolute url is prefixed with `'unsafe:'` string and only then is it written into the DOM.
12013
+ *
12014
+ * @param {RegExp=} regexp New regexp to whitelist urls with.
12015
+ * @returns {RegExp|ng.$compileProvider} Current RegExp if called without value or self for
12016
+ * chaining otherwise.
12017
+ */
12018
+ this.aHrefSanitizationWhitelist = function(regexp) {
12019
+ if (isDefined(regexp)) {
12020
+ aHrefSanitizationWhitelist = regexp;
12021
+ return this;
12022
+ }
12023
+ return aHrefSanitizationWhitelist;
12024
+ };
12025
+
12026
+
12027
+ /**
12028
+ * @description
12029
+ * Retrieves or overrides the default regular expression that is used for whitelisting of safe
12030
+ * urls during img[src] sanitization.
12031
+ *
12032
+ * The sanitization is a security measure aimed at prevent XSS attacks via html links.
12033
+ *
12034
+ * Any url about to be assigned to img[src] via data-binding is first normalized and turned into
12035
+ * an absolute url. Afterwards, the url is matched against the `imgSrcSanitizationWhitelist`
12036
+ * regular expression. If a match is found, the original url is written into the dom. Otherwise,
12037
+ * the absolute url is prefixed with `'unsafe:'` string and only then is it written into the DOM.
12038
+ *
12039
+ * @param {RegExp=} regexp New regexp to whitelist urls with.
12040
+ * @returns {RegExp|ng.$compileProvider} Current RegExp if called without value or self for
12041
+ * chaining otherwise.
12042
+ */
12043
+ this.imgSrcSanitizationWhitelist = function(regexp) {
12044
+ if (isDefined(regexp)) {
12045
+ imgSrcSanitizationWhitelist = regexp;
12046
+ return this;
12047
+ }
12048
+ return imgSrcSanitizationWhitelist;
12049
+ };
12050
+
12051
+ this.$get = function() {
12052
+ return function sanitizeUri(uri, isImage) {
12053
+ var regex = isImage ? imgSrcSanitizationWhitelist : aHrefSanitizationWhitelist;
12054
+ var normalizedVal;
12055
+ // NOTE: urlResolve() doesn't support IE < 8 so we don't sanitize for that case.
12056
+ if (!msie || msie >= 8 ) {
12057
+ normalizedVal = urlResolve(uri).href;
12058
+ if (normalizedVal !== '' && !normalizedVal.match(regex)) {
12059
+ return 'unsafe:'+normalizedVal;
12060
+ }
12061
+ }
12062
+ return uri;
12063
+ };
12064
+ };
12065
+ }
12066
+
11960
12067
  var $sceMinErr = minErr('$sce');
11961
12068
 
11962
12069
  var SCE_CONTEXTS = {
@@ -13306,11 +13413,6 @@ function $TimeoutProvider() {
13306
13413
  // exactly the behavior needed here. There is little value is mocking these out for this
13307
13414
  // service.
13308
13415
  var urlParsingNode = document.createElement("a");
13309
- /*
13310
- Matches paths for file protocol on windows,
13311
- such as /C:/foo/bar, and captures only /foo/bar.
13312
- */
13313
- var windowsFilePathExp = /^\/?.*?:(\/.*)/;
13314
13416
  var originUrl = urlResolve(window.location.href, true);
13315
13417
 
13316
13418
 
@@ -13367,8 +13469,7 @@ var originUrl = urlResolve(window.location.href, true);
13367
13469
  *
13368
13470
  */
13369
13471
  function urlResolve(url, base) {
13370
- var href = url,
13371
- pathname;
13472
+ var href = url;
13372
13473
 
13373
13474
  if (msie) {
13374
13475
  // Normalize before parse. Refer Implementation Notes on why this is
@@ -13379,21 +13480,6 @@ function urlResolve(url, base) {
13379
13480
 
13380
13481
  urlParsingNode.setAttribute('href', href);
13381
13482
 
13382
- /*
13383
- * In Windows, on an anchor node on documents loaded from
13384
- * the filesystem, the browser will return a pathname
13385
- * prefixed with the drive name ('/C:/path') when a
13386
- * pathname without a drive is set:
13387
- * * a.setAttribute('href', '/foo')
13388
- * * a.pathname === '/C:/foo' //true
13389
- *
13390
- * Inside of Angular, we're always using pathnames that
13391
- * do not include drive names for routing.
13392
- */
13393
-
13394
- pathname = removeWindowsDriveName(urlParsingNode.pathname, url, base);
13395
- pathname = (pathname.charAt(0) === '/') ? pathname : '/' + pathname;
13396
-
13397
13483
  // urlParsingNode provides the UrlUtils interface - http://url.spec.whatwg.org/#urlutils
13398
13484
  return {
13399
13485
  href: urlParsingNode.href,
@@ -13403,11 +13489,12 @@ function urlResolve(url, base) {
13403
13489
  hash: urlParsingNode.hash ? urlParsingNode.hash.replace(/^#/, '') : '',
13404
13490
  hostname: urlParsingNode.hostname,
13405
13491
  port: urlParsingNode.port,
13406
- pathname: pathname
13492
+ pathname: (urlParsingNode.pathname.charAt(0) === '/')
13493
+ ? urlParsingNode.pathname
13494
+ : '/' + urlParsingNode.pathname
13407
13495
  };
13408
13496
  }
13409
13497
 
13410
-
13411
13498
  /**
13412
13499
  * Parse a request URL and determine whether this is a same-origin request as the application document.
13413
13500
  *
@@ -13421,26 +13508,6 @@ function urlIsSameOrigin(requestUrl) {
13421
13508
  parsed.host === originUrl.host);
13422
13509
  }
13423
13510
 
13424
- function removeWindowsDriveName (path, url, base) {
13425
- var firstPathSegmentMatch;
13426
-
13427
- //Get the relative path from the input URL.
13428
- if (url.indexOf(base) === 0) {
13429
- url = url.replace(base, '');
13430
- }
13431
-
13432
- /*
13433
- * The input URL intentionally contains a
13434
- * first path segment that ends with a colon.
13435
- */
13436
- if (windowsFilePathExp.exec(url)) {
13437
- return path;
13438
- }
13439
-
13440
- firstPathSegmentMatch = windowsFilePathExp.exec(path);
13441
- return firstPathSegmentMatch ? firstPathSegmentMatch[1] : path;
13442
- }
13443
-
13444
13511
  /**
13445
13512
  * @ngdoc object
13446
13513
  * @name ng.$window
@@ -15768,15 +15835,15 @@ function textInputType(scope, element, attr, ctrl, $sniffer, $browser) {
15768
15835
  deferListener();
15769
15836
  });
15770
15837
 
15771
- // if user paste into input using mouse, we need "change" event to catch it
15772
- element.on('change', listener);
15773
-
15774
15838
  // if user modifies input value using context menu in IE, we need "paste" and "cut" events to catch it
15775
15839
  if ($sniffer.hasEvent('paste')) {
15776
15840
  element.on('paste cut', deferListener);
15777
15841
  }
15778
15842
  }
15779
15843
 
15844
+ // if user paste into input using mouse on older browser
15845
+ // or form autocomplete on newer browser, we need "change" event to catch it
15846
+ element.on('change', listener);
15780
15847
 
15781
15848
  ctrl.$render = function() {
15782
15849
  element.val(ctrl.$isEmpty(ctrl.$viewValue) ? '' : ctrl.$viewValue);
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: angular-gem
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2.2
4
+ version: 1.2.3
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -762,6 +762,16 @@ files:
762
762
  - vendor/assets/javascripts/1.2.2/angular-scenario.js
763
763
  - vendor/assets/javascripts/1.2.2/angular-touch.js
764
764
  - vendor/assets/javascripts/1.2.2/angular.js
765
+ - vendor/assets/javascripts/1.2.3/angular-animate.js
766
+ - vendor/assets/javascripts/1.2.3/angular-cookies.js
767
+ - vendor/assets/javascripts/1.2.3/angular-loader.js
768
+ - vendor/assets/javascripts/1.2.3/angular-mocks.js
769
+ - vendor/assets/javascripts/1.2.3/angular-resource.js
770
+ - vendor/assets/javascripts/1.2.3/angular-route.js
771
+ - vendor/assets/javascripts/1.2.3/angular-sanitize.js
772
+ - vendor/assets/javascripts/1.2.3/angular-scenario.js
773
+ - vendor/assets/javascripts/1.2.3/angular-touch.js
774
+ - vendor/assets/javascripts/1.2.3/angular.js
765
775
  - vendor/assets/javascripts/angular-animate.js
766
776
  - vendor/assets/javascripts/angular-cookies.js
767
777
  - vendor/assets/javascripts/angular-loader.js