* @ngdoc method * @name $sceDelegate#getTrusted * * @description * Takes the result of a ng.$sceDelegate#trustAs `$sceDelegate.trustAs` call and * returns the originally supplied value if the queried context type is a supertype of the * created type. If this co
(type, maybeTrusted)
| 16669 | * `$sceDelegate.trustAs`} if valid in this context. Otherwise, throws an exception. |
| 16670 | */ |
| 16671 | function getTrusted(type, maybeTrusted) { |
| 16672 | if (maybeTrusted === null || maybeTrusted === undefined || maybeTrusted === '') { |
| 16673 | return maybeTrusted; |
| 16674 | } |
| 16675 | var constructor = (byType.hasOwnProperty(type) ? byType[type] : null); |
| 16676 | if (constructor && maybeTrusted instanceof constructor) { |
| 16677 | return maybeTrusted.$$unwrapTrustedValue(); |
| 16678 | } |
| 16679 | // If we get here, then we may only take one of two actions. |
| 16680 | // 1. sanitize the value for the requested type, or |
| 16681 | // 2. throw an exception. |
| 16682 | if (type === SCE_CONTEXTS.RESOURCE_URL) { |
| 16683 | if (isResourceUrlAllowedByPolicy(maybeTrusted)) { |
| 16684 | return maybeTrusted; |
| 16685 | } else { |
| 16686 | throw $sceMinErr('insecurl', |
| 16687 | 'Blocked loading resource from url not allowed by $sceDelegate policy. URL: {0}', |
| 16688 | maybeTrusted.toString()); |
| 16689 | } |
| 16690 | } else if (type === SCE_CONTEXTS.HTML) { |
| 16691 | return htmlSanitizer(maybeTrusted); |
| 16692 | } |
| 16693 | throw $sceMinErr('unsafe', 'Attempting to use an unsafe value in a safe context.'); |
| 16694 | } |
| 16695 | |
| 16696 | return { trustAs: trustAs, |
| 16697 | getTrusted: getTrusted, |
no test coverage detected