MCPcopy
hub / github.com/angular-ui/ui-router / $SceProvider

Function $SceProvider

test/angular/1.6/angular.js:20038–20445  ·  view source on GitHub ↗

* @ngdoc service * @name $sce * @kind function * * @description * * `$sce` is a service that provides Strict Contextual Escaping services to AngularJS. * * ## Strict Contextual Escaping * * Strict Contextual Escaping (SCE) is a mode in which AngularJS constrains bindings to only render *

()

Source from the content-addressed store, hash-verified

20036 */
20037
20038function $SceProvider() {
20039 var enabled = true;
20040
20041 /**
20042 * @ngdoc method
20043 * @name $sceProvider#enabled
20044 * @kind function
20045 *
20046 * @param {boolean=} value If provided, then enables/disables SCE application-wide.
20047 * @return {boolean} True if SCE is enabled, false otherwise.
20048 *
20049 * @description
20050 * Enables/disables SCE and returns the current value.
20051 */
20052 this.enabled = function(value) {
20053 if (arguments.length) {
20054 enabled = !!value;
20055 }
20056 return enabled;
20057 };
20058
20059
20060 /* Design notes on the default implementation for SCE.
20061 *
20062 * The API contract for the SCE delegate
20063 * -------------------------------------
20064 * The SCE delegate object must provide the following 3 methods:
20065 *
20066 * - trustAs(contextEnum, value)
20067 * This method is used to tell the SCE service that the provided value is OK to use in the
20068 * contexts specified by contextEnum. It must return an object that will be accepted by
20069 * getTrusted() for a compatible contextEnum and return this value.
20070 *
20071 * - valueOf(value)
20072 * For values that were not produced by trustAs(), return them as is. For values that were
20073 * produced by trustAs(), return the corresponding input value to trustAs. Basically, if
20074 * trustAs is wrapping the given values into some type, this operation unwraps it when given
20075 * such a value.
20076 *
20077 * - getTrusted(contextEnum, value)
20078 * This function should return the a value that is safe to use in the context specified by
20079 * contextEnum or throw and exception otherwise.
20080 *
20081 * NOTE: This contract deliberately does NOT state that values returned by trustAs() must be
20082 * opaque or wrapped in some holder object. That happens to be an implementation detail. For
20083 * instance, an implementation could maintain a registry of all trusted objects by context. In
20084 * such a case, trustAs() would return the same object that was passed in. getTrusted() would
20085 * return the same object passed in if it was found in the registry under a compatible context or
20086 * throw an exception otherwise. An implementation might only wrap values some of the time based
20087 * on some criteria. getTrusted() might return a value and not throw an exception for special
20088 * constants or objects even if not wrapped. All such implementations fulfill this contract.
20089 *
20090 *
20091 * A note on the inheritance model for SCE contexts
20092 * ------------------------------------------------
20093 * I've used inheritance and made RESOURCE_URL wrapped types a subtype of URL wrapped types. This
20094 * is purely an implementation details.
20095 *

Callers

nothing calls this directly

Calls 8

shallowCopyFunction · 0.70
$parseFunction · 0.70
forEachFunction · 0.70
lowercaseFunction · 0.70
snakeToCamelFunction · 0.70
parseFunction · 0.70
getTrustedFunction · 0.70
trustAsFunction · 0.70

Tested by

no test coverage detected