* @ngdoc method * @name $sceDelegate#getTrusted * * @description * Takes the result of a ng.$sceDelegate#trustAs `$sceDelegate.trustAs` call and * returns the originally supplied value if the queried context type is a supertype of the * created type. If this co
(type, maybeTrusted)
| 13641 | * `$sceDelegate.trustAs`} if valid in this context. Otherwise, throws an exception. |
| 13642 | */ |
| 13643 | function getTrusted(type, maybeTrusted) { |
| 13644 | if (maybeTrusted === null || maybeTrusted === undefined || maybeTrusted === '') { |
| 13645 | return maybeTrusted; |
| 13646 | } |
| 13647 | var constructor = (byType.hasOwnProperty(type) ? byType[type] : null); |
| 13648 | if (constructor && maybeTrusted instanceof constructor) { |
| 13649 | return maybeTrusted.$$unwrapTrustedValue(); |
| 13650 | } |
| 13651 | // If we get here, then we may only take one of two actions. |
| 13652 | // 1. sanitize the value for the requested type, or |
| 13653 | // 2. throw an exception. |
| 13654 | if (type === SCE_CONTEXTS.RESOURCE_URL) { |
| 13655 | if (isResourceUrlAllowedByPolicy(maybeTrusted)) { |
| 13656 | return maybeTrusted; |
| 13657 | } else { |
| 13658 | throw $sceMinErr('insecurl', |
| 13659 | 'Blocked loading resource from url not allowed by $sceDelegate policy. URL: {0}', |
| 13660 | maybeTrusted.toString()); |
| 13661 | } |
| 13662 | } else if (type === SCE_CONTEXTS.HTML) { |
| 13663 | return htmlSanitizer(maybeTrusted); |
| 13664 | } |
| 13665 | throw $sceMinErr('unsafe', 'Attempting to use an unsafe value in a safe context.'); |
| 13666 | } |
| 13667 | |
| 13668 | return { trustAs: trustAs, |
| 13669 | getTrusted: getTrusted, |
no test coverage detected