Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(263)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: lib/safe_html.dart

Issue 23532024: Changes in webui to comply with the safe html changes. Now that Nodes can be (Closed) Base URL: git@github.com:dart-lang/web-ui.git@master
Patch Set: Created 7 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | lib/src/emitters.dart » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011, the Dart project authors. Please see the AUTHORS file 1 // Copyright (c) 2011, the Dart project authors. Please see the AUTHORS file
2 // for details. All rights reserved. Use of this source code is governed by a 2 // for details. All rights reserved. Use of this source code is governed by a
3 // BSD-style license that can be found in the LICENSE file. 3 // BSD-style license that can be found in the LICENSE file.
4 4
5 // TODO(sigmund): move this library to a shared package? or make part of 5 // TODO(sigmund): move this library to a shared package? or make part of
6 // dart:html? 6 // dart:html?
7 library safe_html; 7 library safe_html;
8 8
9 import 'package:meta/meta.dart';
10
9 /** Declares a string that is a well-formed HTML fragment. */ 11 /** Declares a string that is a well-formed HTML fragment. */
12 // TODO(sigmund): delete this type now that Element.html is safe by default.
10 class SafeHtml { 13 class SafeHtml {
11 14
12 /** Underlying html string. */ 15 /** Underlying html string. */
13 String _html; 16 String _html;
14 17
15 // TODO(sigmund): provide a constructor that does html validation 18 /**
19 * dart:html now supports sanitizing elements. You can add any node
20 * directly in your bindings instead of creating instances of SafeHtml.
21 */
22 @deprecated
16 SafeHtml.unsafe(this._html); 23 SafeHtml.unsafe(this._html);
17 24
18 String toString() => _html; 25 String toString() => _html;
19 26
20 operator ==(other) => other is SafeHtml && _html == other._html; 27 operator ==(other) => other is SafeHtml && _html == other._html;
21 int get hashCode => _html.hashCode; 28 int get hashCode => _html.hashCode;
22 } 29 }
23 30
24 /** 31 /**
25 * Declares a string that is safe to use in a Uri attribute, such as `<a href=`, 32 * Declares a string that is safe to use in a Uri attribute, such as `<a href=`,
26 * to avoid cross-site scripting (XSS) attacks. 33 * to avoid cross-site scripting (XSS) attacks.
27 */ 34 */
28 class SafeUri { 35 class SafeUri {
29 String _uri; 36 String _uri;
30 37
31 // TODO(sigmund): provide a constructor that takes or creates a Uri and 38 // TODO(sigmund): provide a constructor that takes or creates a Uri and
32 // validates that it is safe (not a javascript: scheme, for example) 39 // validates that it is safe (not a javascript: scheme, for example)
33 SafeUri.unsafe(this._uri); 40 SafeUri.unsafe(this._uri);
34 41
35 String toString() => _uri; 42 String toString() => _uri;
36 43
37 operator ==(other) => other is SafeUri && _uri == other._uri; 44 operator ==(other) => other is SafeUri && _uri == other._uri;
38 int get hashCode => _uri.hashCode; 45 int get hashCode => _uri.hashCode;
39 } 46 }
OLDNEW
« no previous file with comments | « no previous file | lib/src/emitters.dart » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698