(value: any, type: BypassType)
| 124 | export function allowSanitizationBypassAndThrow(value: any, type: BypassType.Url): value is SafeUrl; |
| 125 | export function allowSanitizationBypassAndThrow(value: any, type: BypassType): boolean; |
| 126 | export function allowSanitizationBypassAndThrow(value: any, type: BypassType): boolean { |
| 127 | const actualType = getSanitizationBypassType(value); |
| 128 | if (actualType != null && actualType !== type) { |
| 129 | // Allow ResourceURLs in URL contexts, they are strictly more trusted. |
| 130 | if (actualType === BypassType.ResourceUrl && type === BypassType.Url) return true; |
| 131 | throw new Error(`Required a safe ${type}, got a ${actualType} (see ${XSS_SECURITY_URL})`); |
| 132 | } |
| 133 | return actualType === type; |
| 134 | } |
| 135 | |
| 136 | export function getSanitizationBypassType(value: any): BypassType | null { |
| 137 | return (value instanceof SafeValueImpl && (value.getTypeName() as BypassType)) || null; |
no test coverage detected
searching dependent graphs…