refactor(core): express trusted constants with tagged template literals (#40082)
The trustConstantHtml and trustConstantResourceUrl functions are only meant to be passed constant strings extracted from Angular application templates, as passing other strings or variables could introduce XSS vulnerabilities. To better protect these APIs, turn them into template tags. This makes it possible to assert that the associated template literals do not contain any interpolation, and thus must be constant. Also add tests for the change to prevent regression. PR Close #40082
1 parent
8cdfd77
commit 6a9d7e5
Showing
8 changed files
with
160 additions
and
12 deletions.
|
@@ -12,4 +12,4 @@ export class MyComponent { | |
|
||
@NgModule({declarations: [MyComponent]}) | ||
export class MyModule { | ||
} | ||
} |
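--- /dev/null
+++ b/...ance/test_cases/r3_compiler_compliance/elements/security_sensitive_constant_attributes.js
@@ -0,0 +1,16 @@
+consts: [
+["src", i0.ɵɵtrustConstantResourceUrl `https://angular.io/`],
+["srcdoc", i0.ɵɵtrustConstantHtml `<h1>Angular</h1>`],
+["data", i0.ɵɵtrustConstantResourceUrl `https://angular.io/`, "codebase", i0.ɵɵtrustConstantResourceUrl `/`],
+["src", "https://angular.io/"]
+],
+template: function MyComponent_Template(rf, ctx) {
+if (rf & 1) {
+$r3$.ɵɵelement(0, "embed", 0);
+$r3$.ɵɵelement(1, "iframe", 1);
+$r3$.ɵɵelement(2, "object", 2);
+$r3$.ɵɵelement(3, "embed", 0);
+$r3$.ɵɵelement(4, "img", 3);
+}
+…
+}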
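Review bot: The expected output spells the core import two ways in one file — `i0.ɵɵtrustConstantResourceUrl` / `i0.ɵɵtrustConstantHtml` in the `consts` entries and `$r3$.ɵɵelement` in the template body. The compliance harness presumably treats `$r3$` as an identifier placeholder, so the golden likely still matches, but mixing both forms reads as if the template lines were copied from an older case; writing them as `i0.ɵɵelement(0, "embed", 0);` and so on would keep the file consistent with the `consts` lines. The `defineComponent` call that this `consts`/`template` pair belongs to lies outside the hunk, which is presumably what the trailing `…` stands for.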
23 changes: 23 additions & 0 deletions
23
...ance/test_cases/r3_compiler_compliance/elements/security_sensitive_constant_attributes.ts
@@ -0,0 +1,23 @@ | ||
import {Component, NgModule} from '@angular/core'; | ||
|
||
@Component({ | ||
selector: 'my-component', | ||
template: ` | ||
<!-- A couple of security-sensitive attributes with constant values --> | ||
<embed src="https://angular.io/" /> | ||
<iframe srcdoc="<h1>Angular</h1>"></iframe> | ||
<object data="https://angular.io/" codebase="/"></object> | ||
<!-- Repeated element to make sure attribute deduplication works properly --> | ||
<embed src="https://angular.io/" /> | ||
<!-- Another element with a src attribute that is not security sensitive --> | ||
<img src="https://angular.io/" /> | ||
` | ||
}) | ||
export class MyComponent { | ||
} | ||
|
||
@NgModule({declarations: [MyComponent]}) | ||
export class MyModule { | ||
} |
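Review bot: Every constant value in this template is free of backticks, backslashes and the `${` sequence, so the one input that matters most for the new tagged-template emit path — a constant attribute value that itself contains characters that are significant inside a JavaScript template literal — is not covered by this case. Adding one more security-sensitive attribute whose value contains a literal backtick and a literal `${` (escaped as `\`` and `\${` inside this .ts template string) would pin that the compiler escapes them in the emitted `ɵɵtrustConstantHtml`/`ɵɵtrustConstantResourceUrl` literal; the matching .js golden would then show the escaped form. If the emitter did not escape them, the commit's no-interpolation assertion on the tag is presumably what would catch it, but only at runtime rather than in this compile-time test. The cases already present do usefully confirm that `img[src]` stays an untrusted string while `embed[src]`, `iframe[srcdoc]`, `object[data]` and `object[codebase]` are wrapped, and that the repeated `<embed>` is deduplicated to the same `consts` entry.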