A TemplateSecurityContext specifies a category of security vulnerabilities if the content is not sanitized.
Examples: A DOM property that is used as a url is classified as having
the Url HtmlSecurityContext.
innerHTML that could cause Cross Site Scripting (XSS) security bugs when
improperly handled is classified as HTML.
See DomSanitizationService for more details on security in Angular applications.
Constants
- html → TemplateSecurityContext
-
Context for free form html content.
const TemplateSecurityContext(1) - none → TemplateSecurityContext
-
No security implication.
const TemplateSecurityContext(0) - resourceUrl → TemplateSecurityContext
-
Url pointing to a resource to be loaded.
const TemplateSecurityContext(5) - script → TemplateSecurityContext
-
Contents of script tag.
const TemplateSecurityContext(3) - style → TemplateSecurityContext
-
Context for element style.
const TemplateSecurityContext(2) - url → TemplateSecurityContext
-
Link such as a,href.
const TemplateSecurityContext(4) - values → List<TemplateSecurityContext>
-
A constant List of the values in this enum, in order of their declaration.
const List<TemplateSecurityContext>
Properties
- hashCode → int
-
Get a hash code for this object.
read-only, inherited - index → int
-
read-only
- runtimeType → Type
-
A representation of the runtime type of the object.
read-only, inherited
Operators
-
operator ==(
other) → bool -
The equality operator.
inherited
Methods
-
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a non-existent method or property is accessed.
inherited -
toString(
) → String -
Returns a string representation of this object.
inherited