Angular.Js v1.2.30 發布,JavaScript MV*框架

AngularJS是一款開源的JavaScript MV*（MVW、MVVM、MVC）框架，目前由Google維護。AngularJS彌補了HTML在構建應用方面的不足，其通過使用標識符（directives）結構，來擴展Web應用中的HTML詞匯，使開發者可以使用HTML來聲明動態內容，從而使得Web開發和測試工作變得更加容易。AngularJS最初由Mi?ko Hevery和Adam Abrons于2009年開發，后來成為了Google公司的項目。

更新日志

Bug修復

• $compile:
  • secure link[href] as a RESOURCE_URLs in $sce (f35f334b, #14687)
  • properly sanitize xlink:href attribute interoplation (f2fa1ed8, 2687c261)
• ngSanitize: blacklist the attribute usemap as it can be used as a security exploit (ac0d5286, #14903)
• ngAnimate: do not use event.timeStamp anymore for time tracking (8d83b563, #13494, #13495)

重大更改

• $compile: due to f35f334b,

  link[href] attributes are now protected via $sce, which prevents interpolated values that fail the RESOURCE_URL context tests from being used in interpolation. For example if the application is running at https://mydomain.org/ then the following will fail:

  <link rel="stylesheet" href="{{ 'https://otherdomain.org/unsafe.css' }}" />

  By default, RESOURCE_URL safe URLs are only allowed from the same domain and protocol as the application document. To use URLs from other domains and/or protocols, you may either whitelist them using$sceDelegateProvider.resourceUrlWhitelist(...) or wrap them into a trusted value by calling$sce.trustAsResourceUrl(url).

• ngSanitize: due to 234053fc,

  The $sanitize service will now remove instances of the usemap attribute from any elements passed to it.

  This attribute is used to reference another element by name or id. Since the name and id attributes are already blacklisted, a sanitized usemap attribute could only reference unsanitized content, which is a security risk.

下載

• Source code (zip)
• Source code (tar.gz)