* @ngdoc method * @name $sceDelegate#getTrusted * * @description * Takes the result of a ng.$sceDelegate#trustAs `$sceDelegate.trustAs` call and * returns the originally supplied value if the queried context type is a supertype of the * created type. If this co
(type, maybeTrusted)
| 18853 | * `$sceDelegate.trustAs`} if valid in this context. Otherwise, throws an exception. |
| 18854 | */ |
| 18855 | function getTrusted(type, maybeTrusted) { |
| 18856 | if (maybeTrusted === null || isUndefined(maybeTrusted) || maybeTrusted === '') { |
| 18857 | return maybeTrusted; |
| 18858 | } |
| 18859 | var constructor = (byType.hasOwnProperty(type) ? byType[type] : null); |
| 18860 | if (constructor && maybeTrusted instanceof constructor) { |
| 18861 | return maybeTrusted.$$unwrapTrustedValue(); |
| 18862 | } |
| 18863 | // If we get here, then we may only take one of two actions. |
| 18864 | // 1. sanitize the value for the requested type, or |
| 18865 | // 2. throw an exception. |
| 18866 | if (type === SCE_CONTEXTS.RESOURCE_URL) { |
| 18867 | if (isResourceUrlAllowedByPolicy(maybeTrusted)) { |
| 18868 | return maybeTrusted; |
| 18869 | } else { |
| 18870 | throw $sceMinErr('insecurl', |
| 18871 | 'Blocked loading resource from url not allowed by $sceDelegate policy. URL: {0}', |
| 18872 | maybeTrusted.toString()); |
| 18873 | } |
| 18874 | } else if (type === SCE_CONTEXTS.HTML) { |
| 18875 | return htmlSanitizer(maybeTrusted); |
| 18876 | } |
| 18877 | throw $sceMinErr('unsafe', 'Attempting to use an unsafe value in a safe context.'); |
| 18878 | } |
| 18879 | |
| 18880 | return { trustAs: trustAs, |
| 18881 | getTrusted: getTrusted, |
no test coverage detected