$compileProvider.imgSrcSanitizationWhitelist()

imgSrcSanitizationWhitelist([regexp]);

Retrieves or overrides the default regular expression that is used for whitelisting of safe urls during img[src] sanitization.

The sanitization is a security measure aimed at prevent XSS attacks via html links.

Any url about to be assigned to img[src] via data-binding is first normalized and turned into an absolute url. Afterwards, the url is matched against the imgSrcSanitizationWhitelist regular expression. If a match is found, the original url is written into the dom. Otherwise, the absolute url is prefixed with 'unsafe:' string and only then is it written into the DOM.

Parameters

Param Type Details
regexp
(optional)
RegExp

New regexp to whitelist urls with.

Returns

RegExpng.$compileProvider

Current RegExp if called without value or self for chaining otherwise.

doc_AngularJS
2016-03-29 16:10:17
Comments
Leave a Comment

Please login to continue.