MCPcopy Index your code
hub / github.com/angular-ui/ui-router / $interpolate

Function $interpolate

test/angular/1.2/angular.js:8868–8959  ·  view source on GitHub ↗

* @ngdoc service * @name $interpolate * @kind function * * @requires $parse * @requires $sce * * @description * * Compiles a string with markup into an interpolation function. This service is used by the * HTML ng.$compile $compile service fo

(text, mustHaveExpression, trustedContext)

Source from the content-addressed store, hash-verified

8866 *
8867 */
8868 function $interpolate(text, mustHaveExpression, trustedContext) {
8869 var startIndex,
8870 endIndex,
8871 index = 0,
8872 parts = [],
8873 length = text.length,
8874 hasInterpolation = false,
8875 fn,
8876 exp,
8877 concat = [];
8878
8879 while(index < length) {
8880 if ( ((startIndex = text.indexOf(startSymbol, index)) != -1) &&
8881 ((endIndex = text.indexOf(endSymbol, startIndex + startSymbolLength)) != -1) ) {
8882 (index != startIndex) && parts.push(text.substring(index, startIndex));
8883 parts.push(fn = $parse(exp = text.substring(startIndex + startSymbolLength, endIndex)));
8884 fn.exp = exp;
8885 index = endIndex + endSymbolLength;
8886 hasInterpolation = true;
8887 } else {
8888 // we did not find anything, so we have to add the remainder to the parts array
8889 (index != length) && parts.push(text.substring(index));
8890 index = length;
8891 }
8892 }
8893
8894 if (!(length = parts.length)) {
8895 // we added, nothing, must have been an empty string.
8896 parts.push('');
8897 length = 1;
8898 }
8899
8900 // Concatenating expressions makes it hard to reason about whether some combination of
8901 // concatenated values are unsafe to use and could easily lead to XSS. By requiring that a
8902 // single expression be used for iframe[src], object[src], etc., we ensure that the value
8903 // that's used is assigned or constructed by some JS code somewhere that is more testable or
8904 // make it obvious that you bound the value to some user controlled value. This helps reduce
8905 // the load when auditing for XSS issues.
8906 if (trustedContext && parts.length > 1) {
8907 throw $interpolateMinErr('noconcat',
8908 "Error while interpolating: {0}\nStrict Contextual Escaping disallows " +
8909 "interpolations that concatenate multiple expressions when a trusted value is " +
8910 "required. See http://docs.angularjs.org/api/ng.$sce", text);
8911 }
8912
8913 if (!mustHaveExpression || hasInterpolation) {
8914 concat.length = length;
8915 fn = function(context) {
8916 try {
8917 for(var i = 0, ii = length, part; i<ii; i++) {
8918 if (typeof (part = parts[i]) == 'function') {
8919 part = part(context);
8920 if (trustedContext) {
8921 part = $sce.getTrusted(trustedContext, part);
8922 } else {
8923 part = $sce.valueOf(part);
8924 }
8925 if (part == null) { // null || undefined

Callers 4

nodeLinkFnFunction · 0.70
angular.jsFile · 0.70

Calls 2

toJsonFunction · 0.70
$parseFunction · 0.50

Tested by

no test coverage detected