Angular.Js v1.2.30 发布,JavaScript MV*框架
jopen 8年前
<p style="text-align: center;"><img alt="" src="https://simg.open-open.com/show/42418ea2d6d88684f367b335027dbbf3.png" /></p> <p>AngularJS是一款开源的JavaScript MV*(MVW、MVVM、MVC)框架,目前由Google维护。AngularJS弥补了HTML在构建应用方面的不足,其通过使用标识符(directives)结构,来扩展Web应用中的HTML词汇,使开发者可以使用HTML来声明动态内容,从而使得Web开发和测试工作变得更加容易。AngularJS最初由Miško Hevery和Adam Abrons于2009年开发,后来成为了Google公司的项目。</p> <h2>更新日志</h2> <h3>Bug修复</h3> <ul> <li><strong>$compile:</strong> <ul> <li>secure <code>link[href]</code> as a <code>RESOURCE_URL</code>s in <code>$sce</code> (<a href="/misc/goto?guid=4958992359330519537">f35f334b</a>, <a href="/misc/goto?guid=4958992359459581348">#14687</a>)</li> <li>properly sanitize <code>xlink:href</code> attribute interoplation (<a href="/misc/goto?guid=4958992359579322761">f2fa1ed8</a>, <a href="/misc/goto?guid=4958992359688211607">2687c261</a>)</li> </ul> </li> <li><strong>ngSanitize:</strong> blacklist the attribute <code>usemap</code> as it can be used as a security exploit (<a href="/misc/goto?guid=4958992359803006999">ac0d5286</a>, <a href="/misc/goto?guid=4958992359890555984">#14903</a>)</li> <li><strong>ngAnimate:</strong> do not use event.timeStamp anymore for time tracking (<a href="/misc/goto?guid=4958992359983679918">8d83b563</a>, <a href="/misc/goto?guid=4958979387835042790">#13494</a>, <a href="/misc/goto?guid=4958979387927474776">#13495</a>)</li> </ul> <h3>重大更改</h3> <ul> <li><strong>$compile:</strong> due to <a href="/misc/goto?guid=4958992359330519537">f35f334b</a>, <p><code>link[href]</code> attributes are now protected via <code>$sce</code>, which prevents interpolated values that fail the <code>RESOURCE_URL</code> context tests from being used in interpolation. For example if the application is running at <code>https://mydomain.org/</code> then the following will fail:</p> <pre> <link rel="stylesheet" href="{{ 'https://otherdomain.org/unsafe.css' }}" /></pre> <p>By default, <code>RESOURCE_URL</code> safe URLs are only allowed from the same domain and protocol as the application document. To use URLs from other domains and/or protocols, you may either whitelist them using<code>$sceDelegateProvider.resourceUrlWhitelist(...)</code> or wrap them into a trusted value by calling<code>$sce.trustAsResourceUrl(url)</code>.</p> </li> <li><strong>ngSanitize:</strong> due to <a href="/misc/goto?guid=4958984309886135318">234053fc</a>, <p>The <code>$sanitize</code> service will now remove instances of the <code>usemap</code> attribute from any elements passed to it.</p> <p>This attribute is used to reference another element by <code>name</code> or <code>id</code>. Since the <code>name</code> and <code>id</code> attributes are already blacklisted, a sanitized <code>usemap</code> attribute could only reference unsanitized content, which is a security risk.</p> </li> </ul> <h2>下载</h2> <ul> <li><a href="/misc/goto?guid=4958992360166901992" rel="nofollow"><strong>Source code</strong> (zip)</a></li> <li><a href="/misc/goto?guid=4958992360256257248" rel="nofollow"><strong>Source code</strong> (tar.gz)</a></li> </ul> <p> </p>