MCPcopy Index your code
hub / github.com/angular/angular / allowSanitizationBypassAndThrow

Function allowSanitizationBypassAndThrow

packages/core/src/sanitization/bypass.ts:126–134  ·  view source on GitHub ↗
(value: any, type: BypassType)

Source from the content-addressed store, hash-verified

124export function allowSanitizationBypassAndThrow(value: any, type: BypassType.Url): value is SafeUrl;
125export function allowSanitizationBypassAndThrow(value: any, type: BypassType): boolean;
126export function allowSanitizationBypassAndThrow(value: any, type: BypassType): boolean {
127 const actualType = getSanitizationBypassType(value);
128 if (actualType != null && actualType !== type) {
129 // Allow ResourceURLs in URL contexts, they are strictly more trusted.
130 if (actualType === BypassType.ResourceUrl && type === BypassType.Url) return true;
131 throw new Error(`Required a safe ${type}, got a ${actualType} (see ${XSS_SECURITY_URL})`);
132 }
133 return actualType === type;
134}
135
136export function getSanitizationBypassType(value: any): BypassType | null {
137 return (value instanceof SafeValueImpl && (value.getTypeName() as BypassType)) || null;

Callers 5

ɵɵsanitizeHtmlFunction · 0.90
ɵɵsanitizeStyleFunction · 0.90
ɵɵsanitizeUrlFunction · 0.90
ɵɵsanitizeResourceUrlFunction · 0.90
ɵɵsanitizeScriptFunction · 0.90

Calls 1

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…