Merge pull request #388 from Lavaei/master

Add innerHTML as dangerous input in Angular 2+
2025-07-17 01:09:25 -04:00 · 2020-02-13 14:47:41 +00:00 · 2020-02-13 14:47:41 +00:00 · 709d6ebeb5
commit 709d6ebeb5
parent 916d54df11 92fb303ba0
2 changed files with 7 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,4 @@
 .DS_Store
 .*.icloud
 .gitkeep
 .idea
--- a/Pattern-Matching/dangerous-functions-angular.txt
+++ b/Pattern-Matching/dangerous-functions-angular.txt
@ -1,8 +1,14 @@
 # Angular pipes
 bypassSecurityTrustHtml
 bypassSecurityTrustScript
 bypassSecurityTrustStyle
 bypassSecurityTrustUrl
 bypassSecurityTrustResourceUrl
 # Angular inputs
 [innerHTML] #Insert given HTML without escaping dangerous characters
 # angular.js (aka Angular 1)
 trustAsHtml
 $eval
 $evalAsync