urlSanitizationWhitelist ( service in module ng )

Description

Retrieves or overrides the default regular expression that is used for whitelisting of safe urls during a[href] sanitization.

The sanitization is a security measure aimed at prevent XSS attacks via html links.

Any url about to be assigned to a[href] via data-binding is first normalized and turned into an absolute url. Afterwards the url is matched against the urlSanitizationWhitelist regular expression. If a match is found the original url is written into the dom. Otherwise the absolute url is prefixed with 'unsafe:' string and only then it is written into the DOM.

Usage

$compileProvider#urlSanitizationWhitelist([regexp]);

Parameters

Returns

{RegExp|ng.$compileProvider}

Current RegExp if called without value or self for chaining otherwise.