urlSanitizationWhitelist
( service in module ng
)
Retrieves or overrides the default regular expression that is used for whitelisting of safe urls during a[href] sanitization.
The sanitization is a security measure aimed at prevent XSS attacks via html links.
Any url about to be assigned to a[href] via data-binding is first normalized and turned into an
absolute url. Afterwards the url is matched against the urlSanitizationWhitelist
regular
expression. If a match is found the original url is written into the dom. Otherwise the
absolute url is prefixed with 'unsafe:'
string and only then it is written into the DOM.
$compileProvider#urlSanitizationWhitelist([regexp]);
regexp(optional) – {RegExp=} –
New regexp to whitelist urls with.
{RegExp|ng.$compileProvider}
– Current RegExp if called without value or self for chaining otherwise.