(node, attrNormalizedName)
| 10503 | |
| 10504 | |
| 10505 | function getTrustedContext(node, attrNormalizedName) { |
| 10506 | if (attrNormalizedName === 'srcdoc') { |
| 10507 | return $sce.HTML; |
| 10508 | } |
| 10509 | var tag = nodeName_(node); |
| 10510 | // All tags with src attributes require a RESOURCE_URL value, except for |
| 10511 | // img and various html5 media tags. |
| 10512 | if (attrNormalizedName === 'src' || attrNormalizedName === 'ngSrc') { |
| 10513 | if (['img', 'video', 'audio', 'source', 'track'].indexOf(tag) === -1) { |
| 10514 | return $sce.RESOURCE_URL; |
| 10515 | } |
| 10516 | // maction[xlink:href] can source SVG. It's not limited to <maction>. |
| 10517 | } else if (attrNormalizedName === 'xlinkHref' || |
| 10518 | (tag === 'form' && attrNormalizedName === 'action') || |
| 10519 | // links can be stylesheets or imports, which can run script in the current origin |
| 10520 | (tag === 'link' && attrNormalizedName === 'href') |
| 10521 | ) { |
| 10522 | return $sce.RESOURCE_URL; |
| 10523 | } |
| 10524 | } |
| 10525 | |
| 10526 | |
| 10527 | function addAttrInterpolateDirective(node, directives, value, name, isNgAttr) { |
no test coverage detected