This repository was archived by the owner on Apr 12, 2024. It is now read-only.
ngSanitize removes HTML strings between script elements #11442
Closed
Description
ngSanitize removes HTML strings between script elements. If I have the following HTML strings, the expected result is 'ABC' but the actual result is 'AC'. The B is gone.
A
<script>evil</script>
B
<script>evil</script>
C
Plunker
http://plnkr.co/lQcfIh
After finding the beginning of the script tag, ngSanitize searches for the string of the end tag, like </script>, with the longest match, so it removes all of the HTML strings between script elements. I think we should use the smallest possible match.
I will send the PR for it later. Thanks in advance!
Angular Version(s) : 1.4.0-beta
Browsers and Operating System : Chrome 41 / Mac OS 10.8.5
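The longest-match versus smallest-match behaviour described in this report can be reproduced with a small model. This is an added example, not ngSanitize's code and not from the issue author; `stripRawText`, `RAW_TEXT` and the sample string are hypothetical names and constructed input, and the function only models how the end tag is located, it is not a sanitizer.

```javascript
// Added illustration: a simplified model of skipping raw-text elements.
// Hypothetical helper, not part of AngularJS.
const RAW_TEXT = ['script', 'style'];

function stripRawText(html, greedy) {
  const open = new RegExp('<(' + RAW_TEXT.join('|') + ')\\b[^>]*>', 'i');
  let out = '';
  let rest = html;
  while (rest.length > 0) {
    const start = open.exec(rest);
    if (!start) {
      out += rest; // no more raw-text elements: keep the remainder
      break;
    }
    out += rest.slice(0, start.index); // keep text before the start tag
    rest = rest.slice(start.index + start[0].length);

    // Greedy "[\s\S]*" runs to the LAST matching end tag in the input,
    // lazy "[\s\S]*?" stops at the FIRST one.
    const body = greedy ? '[\\s\\S]*' : '[\\s\\S]*?';
    const end = new RegExp('^' + body + '<\\s*/\\s*' + start[1] + '[^>]*>', 'i');
    const close = end.exec(rest);

    // An unclosed element swallows the remainder, so nothing inside a
    // dangling <script> is ever emitted.
    rest = close ? rest.slice(close[0].length) : '';
  }
  return out;
}

// Constructed sample matching the report (written on one line).
const sample = 'A<script>evil</script>B<script>evil</script>C';

function demo() {
  return {
    longest: stripRawText(sample, true),   // 'AC'  (B is lost)
    smallest: stripRawText(sample, false)  // 'ABC'
  };
}

console.log(demo());
```
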