aHrefSanitizationWhitelist([regexp]);
Retrieves or overrides the default regular expression that is used for whitelisting of safe urls during a[href] sanitization.
The sanitization is a security measure aimed at preventing XSS attacks via html links.
Any url about to be assigned to a[href] via data-binding is first normalized and turned into an absolute url. Afterwards, the url is matched against the aHrefSanitizationWhitelist
regular expression. If a match is found, the original url is written into the dom. Otherwise, the absolute url is prefixed with 'unsafe:'
string and only then is it written into the DOM.
Parameters
Param | Type | Details |
---|---|---|
regexp (optional) | RegExp | New regexp to whitelist urls with. |
Returns
RegExp ng.$compileProvider
|
Current RegExp if called without value or self for chaining otherwise. |
Please login to continue.