{{ {a:1, b:[]} | json }}* * @scenario it('should jsonify filtered objects', function() { expect(binding('{{ {a:1, b:[]} | json')).toBe('{\n "a":1,\n "b":[]}'); }); * */ angularFilter.json = function(object) { this.$element.addClass("ng-monospace"); return toJson(object, true); }; /** * @ngdoc filter * @name angular.filter.lowercase * @function * * @see angular.lowercase */ angularFilter.lowercase = lowercase; /** * @ngdoc filter * @name angular.filter.uppercase * @function * * @see angular.uppercase */ angularFilter.uppercase = uppercase; /** * @ngdoc filter * @name angular.filter.html * @function * * @description * Prevents the input from getting escaped by angular. By default the input is sanitized and * inserted into the DOM as is. * * The input is sanitized by parsing the html into tokens. All safe tokens (from a whitelist) are * then serialized back to properly escaped html string. This means that no unsafe input can make * it into the returned string, however since our parser is more strict than a typical browser * parser, it's possible that some obscure input, which would be recognized as valid HTML by a * browser, won't make it through the sanitizer. * * If you hate your users, you may call the filter with optional 'unsafe' argument, which bypasses * the html sanitizer, but makes your application vulnerable to XSS and other attacks. Using this * option is strongly discouraged and should be used only if you absolutely trust the input being * filtered and you can't get the content through the sanitizer. * * @param {string} html Html input. * @param {string=} option If 'unsafe' then do not sanitize the HTML input. * @returns {string} Sanitized or raw html. * * @example Snippet:
Filter | Source | Rendered |
html filter |
<div ng:bind="snippet | html"> |
|
no filter | <div ng:bind="snippet"> |
|
unsafe html filter | <div ng:bind="snippet | html:'unsafe'"> |
an html\nclick here\nsnippet
'); }); it ('should escape snippet without any filter', function() { expect(using('#escaped-html').binding('snippet')). toBe("<p style=\"color:blue\">an html\n" + "<em onmouseover=\"this.textContent='PWN3D!'\">click here</em>\n" + "snippet</p>"); }); it ('should inline raw snippet if filtered as unsafe', function() { expect(using('#html-unsafe-filter').binding("snippet | html:'unsafe'")). toBe("an html\n" + "click here\n" + "snippet
"); }); it('should update', function(){ textarea('snippet').enter('new text'); expect(using('#html-filter').binding('snippet | html')).toBe('new text'); expect(using('#escaped-html').binding('snippet')).toBe("new <b>text</b>"); expect(using('#html-unsafe-filter').binding("snippet | html:'unsafe'")).toBe('new text'); }); */ angularFilter.html = function(html, option){ return new HTML(html, option); }; /** * @ngdoc filter * @name angular.filter.linky * @function * * @description * Finds links in text input and turns them into html links. Supports http/https/ftp/mailto and * plane email address links. * * @param {string} text Input text. * @returns {string} Html-linkified text. * * @example Snippet:Filter | Source | Rendered |
linky filter |
<div ng:bind="snippet | linky"> |
|
no filter | <div ng:bind="snippet"> |