{"version":3,"sources":["angular-1.7.2/angular-sanitize.js"],"names":["window","angular","$sanitizeMinErr","$$minErr","bind","extend","forEach","isArray","isDefined","lowercase","noop","nodeContains","htmlParser","htmlSanitizeWriter","$SanitizeProvider","hasBeenInstantiated","svgEnabled","$get","$$sanitizeUri","validElements","svgElements","html","buf","uri","isImage","test","join","enableSvg","addValidElements","elements","htmlElements","addElementsTo","voidElements","htmlVoidElements","addValidAttrs","attrs","validAttrs","arrayToMap","$$lowercase","htmlParserImpl","htmlSanitizeWriterImpl","Node","prototype","contains","arg","compareDocumentPosition","SURROGATE_PAIR_REGEXP","NON_ALPHANUMERIC_REGEXP","stringToMap","optionalEndTagBlockElements","optionalEndTagInlineElements","optionalEndTagElements","blockElements","inlineElements","blockedElements","uriAttrs","htmlAttrs","svgAttrs","str","lowercaseKeys","split","items","obj","i","length","elementsMap","newElements","getInertBodyElement","document","inertDocument","implementation","createHTMLDocument","inertBodyElement","documentElement","getDocumentElement","querySelector","innerHTML","getInertBodyElement_XHR","getInertBodyElement_DOMParser","getInertBodyElement_InertDocument","encodeURI","e","undefined","xhr","XMLHttpRequest","responseType","open","send","body","response","firstChild","remove","DOMParser","parseFromString","documentMode","stripCustomNsAttrs","handler","mXSSAttempts","node","nodeType","start","nodeName","toLowerCase","attrToMap","attributes","chars","textContent","nextNode","end","getNonDescendant","removeChild","map","ii","attr","name","value","encodeEntities","replace","hi","charCodeAt","low","uriValidator","ignoreCurrentElement","out","push","tag","key","lkey","ELEMENT_NODE","l","attrNode","attrName","lastIndexOf","removeAttributeNode","propName","call","outerHTML","outerText","sanitizeText","writer","module","provider","info","angularVersion","filter","$sanitize","LINKY_URL_REGEXP","MAILTO_REGEXP","linkyMinErr","isFunction","isObject","isString","text","target","attributesFn","getAttributesObject","getEmptyAttributesObject","match","raw","url","index","addText","substr","addLink","substring","linkAttributes"],"mappings":";;AAAA;;;;;AAKA,CAAC,UAASA,MAAT,EAAiBC,OAAjB,EAA0B;AAAC;AAE5B;;;;;;;;;;;AAWA,MAAIC,eAAe,GAAGD,OAAO,CAACE,QAAR,CAAiB,WAAjB,CAAtB;AACA,MAAIC,IAAJ;AACA,MAAIC,MAAJ;AACA,MAAIC,OAAJ;AACA,MAAIC,OAAJ;AACA,MAAIC,SAAJ;AACA,MAAIC,SAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,YAAJ;AACA,MAAIC,UAAJ;AACA,MAAIC,kBAAJ;AAEA;;;;;;;;;;AAUA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuGA;;;;;;;;;AAQA,WAASC,iBAAT,GAA6B;AAC3B,QAAIC,mBAAmB,GAAG,KAA1B;AACA,QAAIC,UAAU,GAAG,KAAjB;AAEA,SAAKC,IAAL,GAAY,CAAC,eAAD,EAAkB,UAASC,aAAT,EAAwB;AACpDH,MAAAA,mBAAmB,GAAG,IAAtB;;AACA,UAAIC,UAAJ,EAAgB;AACdX,QAAAA,MAAM,CAACc,aAAD,EAAgBC,WAAhB,CAAN;AACD;;AACD,aAAO,UAASC,IAAT,EAAe;AACpB,YAAIC,GAAG,GAAG,EAAV;AACAV,QAAAA,UAAU,CAACS,IAAD,EAAOR,kBAAkB,CAACS,GAAD,EAAM,UAASC,GAAT,EAAcC,OAAd,EAAuB;AAC9D,iBAAO,CAAC,WAAWC,IAAX,CAAgBP,aAAa,CAACK,GAAD,EAAMC,OAAN,CAA7B,CAAR;AACD,SAFkC,CAAzB,CAAV;AAGA,eAAOF,GAAG,CAACI,IAAJ,CAAS,EAAT,CAAP;AACD,OAND;AAOD,KAZW,CAAZ;AAeA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA8BA,SAAKC,SAAL,GAAiB,UAASA,SAAT,EAAoB;AACnC,UAAInB,SAAS,CAACmB,SAAD,CAAb,EAA0B;AACxBX,QAAAA,UAAU,GAAGW,SAAb;AACA,eAAO,IAAP;AACD,OAHD,MAGO;AACL,eAAOX,UAAP;AACD;AACF,KAPD;AAUA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA8CA,SAAKY,gBAAL,GAAwB,UAASC,QAAT,EAAmB;AACzC,UAAI,CAACd,mBAAL,EAA0B;AACxB,YAAIR,OAAO,CAACsB,QAAD,CAAX,EAAuB;AACrBA,UAAAA,QAAQ,GAAG;AAACC,YAAAA,YAAY,EAAED;AAAf,WAAX;AACD;;AAEDE,QAAAA,aAAa,CAACX,WAAD,EAAcS,QAAQ,CAACT,WAAvB,CAAb;AACAW,QAAAA,aAAa,CAACC,YAAD,EAAeH,QAAQ,CAACI,gBAAxB,CAAb;AACAF,QAAAA,aAAa,CAACZ,aAAD,EAAgBU,QAAQ,CAACI,gBAAzB,CAAb;AACAF,QAAAA,aAAa,CAACZ,aAAD,EAAgBU,QAAQ,CAACC,YAAzB,CAAb;AACD;;AAED,aAAO,IAAP;AACD,KAbD;AAgBA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA6BA,SAAKI,aAAL,GAAqB,UAASC,KAAT,EAAgB;AACnC,UAAI,CAACpB,mBAAL,EAA0B;AACxBV,QAAAA,MAAM,CAAC+B,UAAD,EAAaC,UAAU,CAACF,KAAD,EAAQ,IAAR,CAAvB,CAAN;AACD;;AACD,aAAO,IAAP;AACD,KALD,CAtJ2B,CA6J3B;AACA;AACA;;;AAEA/B,IAAAA,IAAI,GAAGH,OAAO,CAACG,IAAf;AACAC,IAAAA,MAAM,GAAGJ,OAAO,CAACI,MAAjB;AACAC,IAAAA,OAAO,GAAGL,OAAO,CAACK,OAAlB;AACAC,IAAAA,OAAO,GAAGN,OAAO,CAACM,OAAlB;AACAC,IAAAA,SAAS,GAAGP,OAAO,CAACO,SAApB;AACAC,IAAAA,SAAS,GAAGR,OAAO,CAACqC,WAApB;AACA5B,IAAAA,IAAI,GAAGT,OAAO,CAACS,IAAf;AAEAE,IAAAA,UAAU,GAAG2B,cAAb;AACA1B,IAAAA,kBAAkB,GAAG2B,sBAArB;;AAEA7B,IAAAA,YAAY,GAAGX,MAAM,CAACyC,IAAP,CAAYC,SAAZ,CAAsBC,QAAtB;AAAkC;AAAa,cAASC,GAAT,EAAc;AAC1E;AACA,aAAO,CAAC,EAAE,KAAKC,uBAAL,CAA6BD,GAA7B,IAAoC,EAAtC,CAAR;AACD,KAHD,CA5K2B,CAiL3B;;;AACA,QAAIE,qBAAqB,GAAG,iCAA5B;AAAA,QACE;AACAC,IAAAA,uBAAuB,GAAG,cAF5B,CAlL2B,CAuL3B;AACA;AACA;AAEA;AACA;;AACA,QAAIf,YAAY,GAAGgB,WAAW,CAAC,wBAAD,CAA9B,CA7L2B,CA+L3B;AACA;;AACA,QAAIC,2BAA2B,GAAGD,WAAW,CAAC,gDAAD,CAA7C;AAAA,QACIE,4BAA4B,GAAGF,WAAW,CAAC,OAAD,CAD9C;AAAA,QAEIG,sBAAsB,GAAG9C,MAAM,CAAC,EAAD,EACS6C,4BADT,EAESD,2BAFT,CAFnC,CAjM2B,CAuM3B;;AACA,QAAIG,aAAa,GAAG/C,MAAM,CAAC,EAAD,EAAK4C,2BAAL,EAAkCD,WAAW,CAAC,qBAChE,yFADgE,GAEhE,8DAF+D,CAA7C,CAA1B,CAxM2B,CA4M3B;;AACA,QAAIK,cAAc,GAAGhD,MAAM,CAAC,EAAD,EAAK6C,4BAAL,EAAmCF,WAAW,CAAC,sBAClE,uFADkE,GAElE,qDAFiE,CAA9C,CAA3B,CA7M2B,CAiN3B;AACA;AACA;AACA;;AACA,QAAI5B,WAAW,GAAG4B,WAAW,CAAC,6EACtB,4FADsB,GAEtB,sDAFqB,CAA7B,CArN2B,CAyN3B;;AACA,QAAIM,eAAe,GAAGN,WAAW,CAAC,cAAD,CAAjC;AAEA,QAAI7B,aAAa,GAAGd,MAAM,CAAC,EAAD,EACS2B,YADT,EAESoB,aAFT,EAGSC,cAHT,EAISF,sBAJT,CAA1B,CA5N2B,CAkO3B;;AACA,QAAII,QAAQ,GAAGP,WAAW,CAAC,uDAAD,CAA1B;AAEA,QAAIQ,SAAS,GAAGR,WAAW,CAAC,4EACxB,4EADwB,GAExB,+DAFwB,GAGxB,2EAHwB,GAIxB,2BAJuB,CAA3B,CArO2B,CA2O3B;AACA;;AACA,QAAIS,QAAQ,GAAGT,WAAW,CAAC,qEACvB,oFADuB,GAEvB,0FAFuB,GAGvB,wFAHuB,GAIvB,qFAJuB,GAKvB,uFALuB,GAMvB,qFANuB,GAOvB,+EAPuB,GAQvB,wFARuB,GASvB,sFATuB,GAUvB,oFAVuB,GAWvB,4FAXuB,GAYvB,2FAZuB,GAavB,8FAbuB,GAcvB,6EAdsB,EAcyD,IAdzD,CAA1B;AAgBA,QAAIZ,UAAU,GAAG/B,MAAM,CAAC,EAAD,EACSkD,QADT,EAESE,QAFT,EAGSD,SAHT,CAAvB;;AAKA,aAASR,WAAT,CAAqBU,GAArB,EAA0BC,aAA1B,EAAyC;AACvC,aAAOtB,UAAU,CAACqB,GAAG,CAACE,KAAJ,CAAU,GAAV,CAAD,EAAiBD,aAAjB,CAAjB;AACD;;AAED,aAAStB,UAAT,CAAoBwB,KAApB,EAA2BF,aAA3B,EAA0C;AACxC,UAAIG,GAAG,GAAG,EAAV;AAAA,UAAcC,CAAd;;AACA,WAAKA,CAAC,GAAG,CAAT,EAAYA,CAAC,GAAGF,KAAK,CAACG,MAAtB,EAA8BD,CAAC,EAA/B,EAAmC;AACjCD,QAAAA,GAAG,CAACH,aAAa,GAAGlD,SAAS,CAACoD,KAAK,CAACE,CAAD,CAAN,CAAZ,GAAyBF,KAAK,CAACE,CAAD,CAA5C,CAAH,GAAsD,IAAtD;AACD;;AACD,aAAOD,GAAP;AACD;;AAED,aAAS/B,aAAT,CAAuBkC,WAAvB,EAAoCC,WAApC,EAAiD;AAC/C,UAAIA,WAAW,IAAIA,WAAW,CAACF,MAA/B,EAAuC;AACrC3D,QAAAA,MAAM,CAAC4D,WAAD,EAAc5B,UAAU,CAAC6B,WAAD,CAAxB,CAAN;AACD;AACF;AAED;;;;;;;;AAMA,QAAIC;AAAoB;AAAD,MAAkD,UAASnE,MAAT,EAAiBoE,QAAjB,EAA2B;AAClG,UAAIC,aAAJ;;AACA,UAAID,QAAQ,IAAIA,QAAQ,CAACE,cAAzB,EAAyC;AACvCD,QAAAA,aAAa,GAAGD,QAAQ,CAACE,cAAT,CAAwBC,kBAAxB,CAA2C,OAA3C,CAAhB;AACD,OAFD,MAEO;AACL,cAAMrE,eAAe,CAAC,SAAD,EAAY,sCAAZ,CAArB;AACD;;AACD,UAAIsE,gBAAgB,GAAG,CAACH,aAAa,CAACI,eAAd,IAAiCJ,aAAa,CAACK,kBAAd,EAAlC,EAAsEC,aAAtE,CAAoF,MAApF,CAAvB,CAPkG,CASlG;;AACAH,MAAAA,gBAAgB,CAACI,SAAjB,GAA6B,sDAA7B;;AACA,UAAI,CAACJ,gBAAgB,CAACG,aAAjB,CAA+B,KAA/B,CAAL,EAA4C;AAC1C,eAAOE,uBAAP;AACD,OAFD,MAEO;AACL;AACAL,QAAAA,gBAAgB,CAACI,SAAjB,GAA6B,kEAA7B;;AACA,YAAIJ,gBAAgB,CAACG,aAAjB,CAA+B,SAA/B,CAAJ,EAA+C;AAC7C,iBAAOG,6BAAP;AACD,SAFD,MAEO;AACL,iBAAOC,iCAAP;AACD;AACF;;AAED,eAASF,uBAAT,CAAiCxD,IAAjC,EAAuC;AACrC;AACA;AACAA,QAAAA,IAAI,GAAG,sBAAsBA,IAA7B;;AACA,YAAI;AACFA,UAAAA,IAAI,GAAG2D,SAAS,CAAC3D,IAAD,CAAhB;AACD,SAFD,CAEE,OAAO4D,CAAP,EAAU;AACV,iBAAOC,SAAP;AACD;;AACD,YAAIC,GAAG,GAAG,IAAInF,MAAM,CAACoF,cAAX,EAAV;AACAD,QAAAA,GAAG,CAACE,YAAJ,GAAmB,UAAnB;AACAF,QAAAA,GAAG,CAACG,IAAJ,CAAS,KAAT,EAAgB,kCAAkCjE,IAAlD,EAAwD,KAAxD;AACA8D,QAAAA,GAAG,CAACI,IAAJ,CAAS,IAAT;AACA,YAAIC,IAAI,GAAGL,GAAG,CAACM,QAAJ,CAAaD,IAAxB;AACAA,QAAAA,IAAI,CAACE,UAAL,CAAgBC,MAAhB;AACA,eAAOH,IAAP;AACD;;AAED,eAASV,6BAAT,CAAuCzD,IAAvC,EAA6C;AAC3C;AACA;AACAA,QAAAA,IAAI,GAAG,sBAAsBA,IAA7B;;AACA,YAAI;AACF,cAAImE,IAAI,GAAG,IAAIxF,MAAM,CAAC4F,SAAX,GAAuBC,eAAvB,CAAuCxE,IAAvC,EAA6C,WAA7C,EAA0DmE,IAArE;AACAA,UAAAA,IAAI,CAACE,UAAL,CAAgBC,MAAhB;AACA,iBAAOH,IAAP;AACD,SAJD,CAIE,OAAOP,CAAP,EAAU;AACV,iBAAOC,SAAP;AACD;AACF;;AAED,eAASH,iCAAT,CAA2C1D,IAA3C,EAAiD;AAC/CmD,QAAAA,gBAAgB,CAACI,SAAjB,GAA6BvD,IAA7B,CAD+C,CAG/C;AACA;;AACA,YAAI+C,QAAQ,CAAC0B,YAAb,EAA2B;AACzBC,UAAAA,kBAAkB,CAACvB,gBAAD,CAAlB;AACD;;AAED,eAAOA,gBAAP;AACD;AACF,KAjEuE,CAiErExE,MAjEqE,EAiE7DA,MAAM,CAACoE,QAjEsD,CAAxE;AAmEA;;;;;;;;;;;;;;AAYA,aAAS7B,cAAT,CAAwBlB,IAAxB,EAA8B2E,OAA9B,EAAuC;AACrC,UAAI3E,IAAI,KAAK,IAAT,IAAiBA,IAAI,KAAK6D,SAA9B,EAAyC;AACvC7D,QAAAA,IAAI,GAAG,EAAP;AACD,OAFD,MAEO,IAAI,OAAOA,IAAP,KAAgB,QAApB,EAA8B;AACnCA,QAAAA,IAAI,GAAG,KAAKA,IAAZ;AACD;;AAED,UAAImD,gBAAgB,GAAGL,mBAAmB,CAAC9C,IAAD,CAA1C;AACA,UAAI,CAACmD,gBAAL,EAAuB,OAAO,EAAP,CARc,CAUrC;;AACA,UAAIyB,YAAY,GAAG,CAAnB;;AACA,SAAG;AACD,YAAIA,YAAY,KAAK,CAArB,EAAwB;AACtB,gBAAM/F,eAAe,CAAC,QAAD,EAAW,uDAAX,CAArB;AACD;;AACD+F,QAAAA,YAAY,GAJX,CAMD;;AACA5E,QAAAA,IAAI,GAAGmD,gBAAgB,CAACI,SAAxB;AACAJ,QAAAA,gBAAgB,GAAGL,mBAAmB,CAAC9C,IAAD,CAAtC;AACD,OATD,QASSA,IAAI,KAAKmD,gBAAgB,CAACI,SATnC;;AAWA,UAAIsB,IAAI,GAAG1B,gBAAgB,CAACkB,UAA5B;;AACA,aAAOQ,IAAP,EAAa;AACX,gBAAQA,IAAI,CAACC,QAAb;AACE,eAAK,CAAL;AAAQ;AACNH,YAAAA,OAAO,CAACI,KAAR,CAAcF,IAAI,CAACG,QAAL,CAAcC,WAAd,EAAd,EAA2CC,SAAS,CAACL,IAAI,CAACM,UAAN,CAApD;AACA;;AACF,eAAK,CAAL;AAAQ;AACNR,YAAAA,OAAO,CAACS,KAAR,CAAcP,IAAI,CAACQ,WAAnB;AACA;AANJ;;AASA,YAAIC,QAAJ;;AACA,YAAI,EAAEA,QAAQ,GAAGT,IAAI,CAACR,UAAlB,CAAJ,EAAmC;AACjC,cAAIQ,IAAI,CAACC,QAAL,KAAkB,CAAtB,EAAyB;AACvBH,YAAAA,OAAO,CAACY,GAAR,CAAYV,IAAI,CAACG,QAAL,CAAcC,WAAd,EAAZ;AACD;;AACDK,UAAAA,QAAQ,GAAGE,gBAAgB,CAAC,aAAD,EAAgBX,IAAhB,CAA3B;;AACA,cAAI,CAACS,QAAL,EAAe;AACb,mBAAOA,QAAQ,IAAI,IAAnB,EAAyB;AACvBT,cAAAA,IAAI,GAAGW,gBAAgB,CAAC,YAAD,EAAeX,IAAf,CAAvB;AACA,kBAAIA,IAAI,KAAK1B,gBAAb,EAA+B;AAC/BmC,cAAAA,QAAQ,GAAGE,gBAAgB,CAAC,aAAD,EAAgBX,IAAhB,CAA3B;;AACA,kBAAIA,IAAI,CAACC,QAAL,KAAkB,CAAtB,EAAyB;AACvBH,gBAAAA,OAAO,CAACY,GAAR,CAAYV,IAAI,CAACG,QAAL,CAAcC,WAAd,EAAZ;AACD;AACF;AACF;AACF;;AACDJ,QAAAA,IAAI,GAAGS,QAAP;AACD;;AAED,aAAQT,IAAI,GAAG1B,gBAAgB,CAACkB,UAAhC,EAA6C;AAC3ClB,QAAAA,gBAAgB,CAACsC,WAAjB,CAA6BZ,IAA7B;AACD;AACF;;AAED,aAASK,SAAT,CAAmBpE,KAAnB,EAA0B;AACxB,UAAI4E,GAAG,GAAG,EAAV;;AACA,WAAK,IAAIhD,CAAC,GAAG,CAAR,EAAWiD,EAAE,GAAG7E,KAAK,CAAC6B,MAA3B,EAAmCD,CAAC,GAAGiD,EAAvC,EAA2CjD,CAAC,EAA5C,EAAgD;AAC9C,YAAIkD,IAAI,GAAG9E,KAAK,CAAC4B,CAAD,CAAhB;AACAgD,QAAAA,GAAG,CAACE,IAAI,CAACC,IAAN,CAAH,GAAiBD,IAAI,CAACE,KAAtB;AACD;;AACD,aAAOJ,GAAP;AACD;AAGD;;;;;;;;;AAOA,aAASK,cAAT,CAAwBD,KAAxB,EAA+B;AAC7B,aAAOA,KAAK,CACVE,OADK,CACG,IADH,EACS,OADT,EAELA,OAFK,CAEGvE,qBAFH,EAE0B,UAASqE,KAAT,EAAgB;AAC7C,YAAIG,EAAE,GAAGH,KAAK,CAACI,UAAN,CAAiB,CAAjB,CAAT;AACA,YAAIC,GAAG,GAAGL,KAAK,CAACI,UAAN,CAAiB,CAAjB,CAAV;AACA,eAAO,QAAS,CAACD,EAAE,GAAG,MAAN,IAAgB,KAAjB,IAA2BE,GAAG,GAAG,MAAjC,IAA2C,OAAnD,IAA8D,GAArE;AACD,OANI,EAOLH,OAPK,CAOGtE,uBAPH,EAO4B,UAASoE,KAAT,EAAgB;AAC/C,eAAO,OAAOA,KAAK,CAACI,UAAN,CAAiB,CAAjB,CAAP,GAA6B,GAApC;AACD,OATI,EAULF,OAVK,CAUG,IAVH,EAUS,MAVT,EAWLA,OAXK,CAWG,IAXH,EAWS,MAXT,CAAP;AAYD;AAED;;;;;;;;;;;;AAUA,aAAS7E,sBAAT,CAAgClB,GAAhC,EAAqCmG,YAArC,EAAmD;AACjD,UAAIC,oBAAoB,GAAG,KAA3B;AACA,UAAIC,GAAG,GAAGvH,IAAI,CAACkB,GAAD,EAAMA,GAAG,CAACsG,IAAV,CAAd;AACA,aAAO;AACLxB,QAAAA,KAAK,EAAE,eAASyB,GAAT,EAAc1F,KAAd,EAAqB;AAC1B0F,UAAAA,GAAG,GAAGpH,SAAS,CAACoH,GAAD,CAAf;;AACA,cAAI,CAACH,oBAAD,IAAyBpE,eAAe,CAACuE,GAAD,CAA5C,EAAmD;AACjDH,YAAAA,oBAAoB,GAAGG,GAAvB;AACD;;AACD,cAAI,CAACH,oBAAD,IAAyBvG,aAAa,CAAC0G,GAAD,CAAb,KAAuB,IAApD,EAA0D;AACxDF,YAAAA,GAAG,CAAC,GAAD,CAAH;AACAA,YAAAA,GAAG,CAACE,GAAD,CAAH;AACAvH,YAAAA,OAAO,CAAC6B,KAAD,EAAQ,UAASgF,KAAT,EAAgBW,GAAhB,EAAqB;AAClC,kBAAIC,IAAI,GAAGtH,SAAS,CAACqH,GAAD,CAApB;AACA,kBAAItG,OAAO,GAAIqG,GAAG,KAAK,KAAR,IAAiBE,IAAI,KAAK,KAA3B,IAAsCA,IAAI,KAAK,YAA7D;;AACA,kBAAI3F,UAAU,CAAC2F,IAAD,CAAV,KAAqB,IAArB,KACDxE,QAAQ,CAACwE,IAAD,CAAR,KAAmB,IAAnB,IAA2BN,YAAY,CAACN,KAAD,EAAQ3F,OAAR,CADtC,CAAJ,EAC6D;AAC3DmG,gBAAAA,GAAG,CAAC,GAAD,CAAH;AACAA,gBAAAA,GAAG,CAACG,GAAD,CAAH;AACAH,gBAAAA,GAAG,CAAC,IAAD,CAAH;AACAA,gBAAAA,GAAG,CAACP,cAAc,CAACD,KAAD,CAAf,CAAH;AACAQ,gBAAAA,GAAG,CAAC,GAAD,CAAH;AACD;AACF,aAXM,CAAP;AAYAA,YAAAA,GAAG,CAAC,GAAD,CAAH;AACD;AACF,SAvBI;AAwBLf,QAAAA,GAAG,EAAE,aAASiB,GAAT,EAAc;AACjBA,UAAAA,GAAG,GAAGpH,SAAS,CAACoH,GAAD,CAAf;;AACA,cAAI,CAACH,oBAAD,IAAyBvG,aAAa,CAAC0G,GAAD,CAAb,KAAuB,IAAhD,IAAwD7F,YAAY,CAAC6F,GAAD,CAAZ,KAAsB,IAAlF,EAAwF;AACtFF,YAAAA,GAAG,CAAC,IAAD,CAAH;AACAA,YAAAA,GAAG,CAACE,GAAD,CAAH;AACAF,YAAAA,GAAG,CAAC,GAAD,CAAH;AACD,WANgB,CAOjB;;;AACA,cAAIE,GAAG,IAAIH,oBAAX,EAAiC;AAC/BA,YAAAA,oBAAoB,GAAG,KAAvB;AACD;AACF,SAnCI;AAoCLjB,QAAAA,KAAK,EAAE,eAASA,MAAT,EAAgB;AACrB,cAAI,CAACiB,oBAAL,EAA2B;AACzBC,YAAAA,GAAG,CAACP,cAAc,CAACX,MAAD,CAAf,CAAH;AACD;AACF;AAxCI,OAAP;AA0CD;AAGD;;;;;;;;;AAOA,aAASV,kBAAT,CAA4BG,IAA5B,EAAkC;AAChC,aAAOA,IAAP,EAAa;AACX,YAAIA,IAAI,CAACC,QAAL,KAAkBnG,MAAM,CAACyC,IAAP,CAAYuF,YAAlC,EAAgD;AAC9C,cAAI7F,KAAK,GAAG+D,IAAI,CAACM,UAAjB;;AACA,eAAK,IAAIzC,CAAC,GAAG,CAAR,EAAWkE,CAAC,GAAG9F,KAAK,CAAC6B,MAA1B,EAAkCD,CAAC,GAAGkE,CAAtC,EAAyClE,CAAC,EAA1C,EAA8C;AAC5C,gBAAImE,QAAQ,GAAG/F,KAAK,CAAC4B,CAAD,CAApB;AACA,gBAAIoE,QAAQ,GAAGD,QAAQ,CAAChB,IAAT,CAAcZ,WAAd,EAAf;;AACA,gBAAI6B,QAAQ,KAAK,WAAb,IAA4BA,QAAQ,CAACC,WAAT,CAAqB,MAArB,EAA6B,CAA7B,MAAoC,CAApE,EAAuE;AACrElC,cAAAA,IAAI,CAACmC,mBAAL,CAAyBH,QAAzB;AACAnE,cAAAA,CAAC;AACDkE,cAAAA,CAAC;AACF;AACF;AACF;;AAED,YAAItB,QAAQ,GAAGT,IAAI,CAACR,UAApB;;AACA,YAAIiB,QAAJ,EAAc;AACZZ,UAAAA,kBAAkB,CAACY,QAAD,CAAlB;AACD;;AAEDT,QAAAA,IAAI,GAAGW,gBAAgB,CAAC,aAAD,EAAgBX,IAAhB,CAAvB;AACD;AACF;;AAED,aAASW,gBAAT,CAA0ByB,QAA1B,EAAoCpC,IAApC,EAA0C;AACxC;AACA,UAAIS,QAAQ,GAAGT,IAAI,CAACoC,QAAD,CAAnB;;AACA,UAAI3B,QAAQ,IAAIhG,YAAY,CAAC4H,IAAb,CAAkBrC,IAAlB,EAAwBS,QAAxB,CAAhB,EAAmD;AACjD,cAAMzG,eAAe,CAAC,QAAD,EAAW,+DAAX,EAA4EgG,IAAI,CAACsC,SAAL,IAAkBtC,IAAI,CAACuC,SAAnG,CAArB;AACD;;AACD,aAAO9B,QAAP;AACD;AACF;;AAED,WAAS+B,YAAT,CAAsBjC,KAAtB,EAA6B;AAC3B,QAAInF,GAAG,GAAG,EAAV;AACA,QAAIqH,MAAM,GAAG9H,kBAAkB,CAACS,GAAD,EAAMZ,IAAN,CAA/B;AACAiI,IAAAA,MAAM,CAAClC,KAAP,CAAaA,KAAb;AACA,WAAOnF,GAAG,CAACI,IAAJ,CAAS,EAAT,CAAP;AACD,GA9rB0B,CAisB3B;;;AACAzB,EAAAA,OAAO,CAAC2I,MAAR,CAAe,YAAf,EAA6B,EAA7B,EACGC,QADH,CACY,WADZ,EACyB/H,iBADzB,EAEGgI,IAFH,CAEQ;AAAEC,IAAAA,cAAc,EAAE;AAAlB,GAFR;AAIA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+HA9I,EAAAA,OAAO,CAAC2I,MAAR,CAAe,YAAf,EAA6BI,MAA7B,CAAoC,OAApC,EAA6C,CAAC,WAAD,EAAc,UAASC,SAAT,EAAoB;AAC7E,QAAIC,gBAAgB,GACd,2FADN;AAAA,QAEIC,aAAa,GAAG,WAFpB;AAIA,QAAIC,WAAW,GAAGnJ,OAAO,CAACE,QAAR,CAAiB,OAAjB,CAAlB;AACA,QAAIK,SAAS,GAAGP,OAAO,CAACO,SAAxB;AACA,QAAI6I,UAAU,GAAGpJ,OAAO,CAACoJ,UAAzB;AACA,QAAIC,QAAQ,GAAGrJ,OAAO,CAACqJ,QAAvB;AACA,QAAIC,QAAQ,GAAGtJ,OAAO,CAACsJ,QAAvB;AAEA,WAAO,UAASC,IAAT,EAAeC,MAAf,EAAuBjD,UAAvB,EAAmC;AACxC,UAAIgD,IAAI,IAAI,IAAR,IAAgBA,IAAI,KAAK,EAA7B,EAAiC,OAAOA,IAAP;AACjC,UAAI,CAACD,QAAQ,CAACC,IAAD,CAAb,EAAqB,MAAMJ,WAAW,CAAC,WAAD,EAAc,mCAAd,EAAmDI,IAAnD,CAAjB;AAErB,UAAIE,YAAY,GACdL,UAAU,CAAC7C,UAAD,CAAV,GAAyBA,UAAzB,GACA8C,QAAQ,CAAC9C,UAAD,CAAR,GAAuB,SAASmD,mBAAT,GAA+B;AAAC,eAAOnD,UAAP;AAAmB,OAA1E,GACA,SAASoD,wBAAT,GAAoC;AAAC,eAAO,EAAP;AAAW,OAHlD;AAKA,UAAIC,KAAJ;AACA,UAAIC,GAAG,GAAGN,IAAV;AACA,UAAInI,IAAI,GAAG,EAAX;AACA,UAAI0I,GAAJ;AACA,UAAIhG,CAAJ;;AACA,aAAQ8F,KAAK,GAAGC,GAAG,CAACD,KAAJ,CAAUX,gBAAV,CAAhB,EAA8C;AAC5C;AACAa,QAAAA,GAAG,GAAGF,KAAK,CAAC,CAAD,CAAX,CAF4C,CAG5C;;AACA,YAAI,CAACA,KAAK,CAAC,CAAD,CAAN,IAAa,CAACA,KAAK,CAAC,CAAD,CAAvB,EAA4B;AAC1BE,UAAAA,GAAG,GAAG,CAACF,KAAK,CAAC,CAAD,CAAL,GAAW,SAAX,GAAuB,SAAxB,IAAqCE,GAA3C;AACD;;AACDhG,QAAAA,CAAC,GAAG8F,KAAK,CAACG,KAAV;AACAC,QAAAA,OAAO,CAACH,GAAG,CAACI,MAAJ,CAAW,CAAX,EAAcnG,CAAd,CAAD,CAAP;AACAoG,QAAAA,OAAO,CAACJ,GAAD,EAAMF,KAAK,CAAC,CAAD,CAAL,CAASxC,OAAT,CAAiB8B,aAAjB,EAAgC,EAAhC,CAAN,CAAP;AACAW,QAAAA,GAAG,GAAGA,GAAG,CAACM,SAAJ,CAAcrG,CAAC,GAAG8F,KAAK,CAAC,CAAD,CAAL,CAAS7F,MAA3B,CAAN;AACD;;AACDiG,MAAAA,OAAO,CAACH,GAAD,CAAP;AACA,aAAOb,SAAS,CAAC5H,IAAI,CAACK,IAAL,CAAU,EAAV,CAAD,CAAhB;;AAEA,eAASuI,OAAT,CAAiBT,IAAjB,EAAuB;AACrB,YAAI,CAACA,IAAL,EAAW;AACT;AACD;;AACDnI,QAAAA,IAAI,CAACuG,IAAL,CAAUc,YAAY,CAACc,IAAD,CAAtB;AACD;;AAED,eAASW,OAAT,CAAiBJ,GAAjB,EAAsBP,IAAtB,EAA4B;AAC1B,YAAI1B,GAAJ;AAAA,YAASuC,cAAc,GAAGX,YAAY,CAACK,GAAD,CAAtC;AACA1I,QAAAA,IAAI,CAACuG,IAAL,CAAU,KAAV;;AAEA,aAAKE,GAAL,IAAYuC,cAAZ,EAA4B;AAC1BhJ,UAAAA,IAAI,CAACuG,IAAL,CAAUE,GAAG,GAAG,IAAN,GAAauC,cAAc,CAACvC,GAAD,CAA3B,GAAmC,IAA7C;AACD;;AAED,YAAItH,SAAS,CAACiJ,MAAD,CAAT,IAAqB,EAAE,YAAYY,cAAd,CAAzB,EAAwD;AACtDhJ,UAAAA,IAAI,CAACuG,IAAL,CAAU,UAAV,EACU6B,MADV,EAEU,IAFV;AAGD;;AACDpI,QAAAA,IAAI,CAACuG,IAAL,CAAU,QAAV,EACUmC,GAAG,CAAC1C,OAAJ,CAAY,IAAZ,EAAkB,QAAlB,CADV,EAEU,IAFV;AAGA4C,QAAAA,OAAO,CAACT,IAAD,CAAP;AACAnI,QAAAA,IAAI,CAACuG,IAAL,CAAU,MAAV;AACD;AACF,KAvDD;AAwDD,GAnE4C,CAA7C;AAsEC,CA34BD,EA24BG5H,MA34BH,EA24BWA,MAAM,CAACC,OA34BlB","sourcesContent":["/**\r\n * @license AngularJS v1.7.2\r\n * (c) 2010-2018 Google, Inc. http://angularjs.org\r\n * License: MIT\r\n */\r\n(function(window, angular) {'use strict';\r\n\r\n/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\r\n * Any commits to this file should be reviewed with security in mind. *\r\n * Changes to this file can potentially create security vulnerabilities. *\r\n * An approval from 2 Core members with history of modifying *\r\n * this file is required. *\r\n * *\r\n * Does the change somehow allow for arbitrary javascript to be executed? *\r\n * Or allows for someone to change the prototype of built-in objects? *\r\n * Or gives undesired access to variables likes document or window? *\r\n * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */\r\n\r\nvar $sanitizeMinErr = angular.$$minErr('$sanitize');\r\nvar bind;\r\nvar extend;\r\nvar forEach;\r\nvar isArray;\r\nvar isDefined;\r\nvar lowercase;\r\nvar noop;\r\nvar nodeContains;\r\nvar htmlParser;\r\nvar htmlSanitizeWriter;\r\n\r\n/**\r\n * @ngdoc module\r\n * @name ngSanitize\r\n * @description\r\n *\r\n * The `ngSanitize` module provides functionality to sanitize HTML.\r\n *\r\n * See {@link ngSanitize.$sanitize `$sanitize`} for usage.\r\n */\r\n\r\n/**\r\n * @ngdoc service\r\n * @name $sanitize\r\n * @kind function\r\n *\r\n * @description\r\n * Sanitizes an html string by stripping all potentially dangerous tokens.\r\n *\r\n * The input is sanitized by parsing the HTML into tokens. All safe tokens (from a whitelist) are\r\n * then serialized back to a properly escaped HTML string. This means that no unsafe input can make\r\n * it into the returned string.\r\n *\r\n * The whitelist for URL sanitization of attribute values is configured using the functions\r\n * `aHrefSanitizationWhitelist` and `imgSrcSanitizationWhitelist` of {@link $compileProvider}.\r\n *\r\n * The input may also contain SVG markup if this is enabled via {@link $sanitizeProvider}.\r\n *\r\n * @param {string} html HTML input.\r\n * @returns {string} Sanitized HTML.\r\n *\r\n * @example\r\n \r\n \r\n \r\n
\r\n Snippet: \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n
DirectiveHowSourceRendered
ng-bind-htmlAutomatically uses $sanitize
<div ng-bind-html=\"snippet\">
</div>
ng-bind-htmlBypass $sanitize by explicitly trusting the dangerous value\r\n 
<div ng-bind-html=\"deliberatelyTrustDangerousSnippet()\">\r\n</div>
\r\n
ng-bindAutomatically escapes
<div ng-bind=\"snippet\">
</div>
\r\n
\r\n \r\n \r\n it('should sanitize the html snippet by default', function() {\r\n expect(element(by.css('#bind-html-with-sanitize div')).getAttribute('innerHTML')).\r\n toBe('

an html\\nclick here\\nsnippet

');\r\n });\r\n\r\n it('should inline raw snippet if bound to a trusted value', function() {\r\n expect(element(by.css('#bind-html-with-trust div')).getAttribute('innerHTML')).\r\n toBe(\"

an html\\n\" +\r\n \"click here\\n\" +\r\n \"snippet

\");\r\n });\r\n\r\n it('should escape snippet without any filter', function() {\r\n expect(element(by.css('#bind-default div')).getAttribute('innerHTML')).\r\n toBe(\"<p style=\\\"color:blue\\\">an html\\n\" +\r\n \"<em onmouseover=\\\"this.textContent='PWN3D!'\\\">click here</em>\\n\" +\r\n \"snippet</p>\");\r\n });\r\n\r\n it('should update', function() {\r\n element(by.model('snippet')).clear();\r\n element(by.model('snippet')).sendKeys('new text');\r\n expect(element(by.css('#bind-html-with-sanitize div')).getAttribute('innerHTML')).\r\n toBe('new text');\r\n expect(element(by.css('#bind-html-with-trust div')).getAttribute('innerHTML')).toBe(\r\n 'new text');\r\n expect(element(by.css('#bind-default div')).getAttribute('innerHTML')).toBe(\r\n \"new <b onclick=\\\"alert(1)\\\">text</b>\");\r\n });\r\n \r\n \r\n */\r\n\r\n\r\n/**\r\n * @ngdoc provider\r\n * @name $sanitizeProvider\r\n * @this\r\n *\r\n * @description\r\n * Creates and configures {@link $sanitize} instance.\r\n */\r\nfunction $SanitizeProvider() {\r\n var hasBeenInstantiated = false;\r\n var svgEnabled = false;\r\n\r\n this.$get = ['$$sanitizeUri', function($$sanitizeUri) {\r\n hasBeenInstantiated = true;\r\n if (svgEnabled) {\r\n extend(validElements, svgElements);\r\n }\r\n return function(html) {\r\n var buf = [];\r\n htmlParser(html, htmlSanitizeWriter(buf, function(uri, isImage) {\r\n return !/^unsafe:/.test($$sanitizeUri(uri, isImage));\r\n }));\r\n return buf.join('');\r\n };\r\n }];\r\n\r\n\r\n /**\r\n * @ngdoc method\r\n * @name $sanitizeProvider#enableSvg\r\n * @kind function\r\n *\r\n * @description\r\n * Enables a subset of svg to be supported by the sanitizer.\r\n *\r\n *
\r\n *

By enabling this setting without taking other precautions, you might expose your\r\n * application to click-hijacking attacks. In these attacks, sanitized svg elements could be positioned\r\n * outside of the containing element and be rendered over other elements on the page (e.g. a login\r\n * link). Such behavior can then result in phishing incidents.

\r\n *\r\n *

To protect against these, explicitly setup `overflow: hidden` css rule for all potential svg\r\n * tags within the sanitized content:

\r\n *\r\n *
\r\n *\r\n * 
\r\n   *   .rootOfTheIncludedContent svg {\r\n   *     overflow: hidden !important;\r\n   *   }\r\n   *
\r\n *
\r\n *\r\n * @param {boolean=} flag Enable or disable SVG support in the sanitizer.\r\n * @returns {boolean|$sanitizeProvider} Returns the currently configured value if called\r\n * without an argument or self for chaining otherwise.\r\n */\r\n this.enableSvg = function(enableSvg) {\r\n if (isDefined(enableSvg)) {\r\n svgEnabled = enableSvg;\r\n return this;\r\n } else {\r\n return svgEnabled;\r\n }\r\n };\r\n\r\n\r\n /**\r\n * @ngdoc method\r\n * @name $sanitizeProvider#addValidElements\r\n * @kind function\r\n *\r\n * @description\r\n * Extends the built-in lists of valid HTML/SVG elements, i.e. elements that are considered safe\r\n * and are not stripped off during sanitization. You can extend the following lists of elements:\r\n *\r\n * - `htmlElements`: A list of elements (tag names) to extend the current list of safe HTML\r\n * elements. HTML elements considered safe will not be removed during sanitization. All other\r\n * elements will be stripped off.\r\n *\r\n * - `htmlVoidElements`: This is similar to `htmlElements`, but marks the elements as\r\n * \"void elements\" (similar to HTML\r\n * [void elements](https://rawgit.com/w3c/html/html5.1-2/single-page.html#void-elements)). These\r\n * elements have no end tag and cannot have content.\r\n *\r\n * - `svgElements`: This is similar to `htmlElements`, but for SVG elements. This list is only\r\n * taken into account if SVG is {@link ngSanitize.$sanitizeProvider#enableSvg enabled} for\r\n * `$sanitize`.\r\n *\r\n *
\r\n * This method must be called during the {@link angular.Module#config config} phase. Once the\r\n * `$sanitize` service has been instantiated, this method has no effect.\r\n *
\r\n *\r\n *
\r\n * Keep in mind that extending the built-in lists of elements may expose your app to XSS or\r\n * other vulnerabilities. Be very mindful of the elements you add.\r\n *
\r\n *\r\n * @param {Array|Object} elements - A list of valid HTML elements or an object with one or\r\n * more of the following properties:\r\n * - **htmlElements** - `{Array}` - A list of elements to extend the current list of\r\n * HTML elements.\r\n * - **htmlVoidElements** - `{Array}` - A list of elements to extend the current list of\r\n * void HTML elements; i.e. elements that do not have an end tag.\r\n * - **svgElements** - `{Array}` - A list of elements to extend the current list of SVG\r\n * elements. The list of SVG elements is only taken into account if SVG is\r\n * {@link ngSanitize.$sanitizeProvider#enableSvg enabled} for `$sanitize`.\r\n *\r\n * Passing an array (`[...]`) is equivalent to passing `{htmlElements: [...]}`.\r\n *\r\n * @return {$sanitizeProvider} Returns self for chaining.\r\n */\r\n this.addValidElements = function(elements) {\r\n if (!hasBeenInstantiated) {\r\n if (isArray(elements)) {\r\n elements = {htmlElements: elements};\r\n }\r\n\r\n addElementsTo(svgElements, elements.svgElements);\r\n addElementsTo(voidElements, elements.htmlVoidElements);\r\n addElementsTo(validElements, elements.htmlVoidElements);\r\n addElementsTo(validElements, elements.htmlElements);\r\n }\r\n\r\n return this;\r\n };\r\n\r\n\r\n /**\r\n * @ngdoc method\r\n * @name $sanitizeProvider#addValidAttrs\r\n * @kind function\r\n *\r\n * @description\r\n * Extends the built-in list of valid attributes, i.e. attributes that are considered safe and are\r\n * not stripped off during sanitization.\r\n *\r\n * **Note**:\r\n * The new attributes will not be treated as URI attributes, which means their values will not be\r\n * sanitized as URIs using `$compileProvider`'s\r\n * {@link ng.$compileProvider#aHrefSanitizationWhitelist aHrefSanitizationWhitelist} and\r\n * {@link ng.$compileProvider#imgSrcSanitizationWhitelist imgSrcSanitizationWhitelist}.\r\n *\r\n *
\r\n * This method must be called during the {@link angular.Module#config config} phase. Once the\r\n * `$sanitize` service has been instantiated, this method has no effect.\r\n *
\r\n *\r\n *
\r\n * Keep in mind that extending the built-in list of attributes may expose your app to XSS or\r\n * other vulnerabilities. Be very mindful of the attributes you add.\r\n *
\r\n *\r\n * @param {Array} attrs - A list of valid attributes.\r\n *\r\n * @returns {$sanitizeProvider} Returns self for chaining.\r\n */\r\n this.addValidAttrs = function(attrs) {\r\n if (!hasBeenInstantiated) {\r\n extend(validAttrs, arrayToMap(attrs, true));\r\n }\r\n return this;\r\n };\r\n\r\n //////////////////////////////////////////////////////////////////////////////////////////////////\r\n // Private stuff\r\n //////////////////////////////////////////////////////////////////////////////////////////////////\r\n\r\n bind = angular.bind;\r\n extend = angular.extend;\r\n forEach = angular.forEach;\r\n isArray = angular.isArray;\r\n isDefined = angular.isDefined;\r\n lowercase = angular.$$lowercase;\r\n noop = angular.noop;\r\n\r\n htmlParser = htmlParserImpl;\r\n htmlSanitizeWriter = htmlSanitizeWriterImpl;\r\n\r\n nodeContains = window.Node.prototype.contains || /** @this */ function(arg) {\r\n // eslint-disable-next-line no-bitwise\r\n return !!(this.compareDocumentPosition(arg) & 16);\r\n };\r\n\r\n // Regular Expressions for parsing tags and attributes\r\n var SURROGATE_PAIR_REGEXP = /[\\uD800-\\uDBFF][\\uDC00-\\uDFFF]/g,\r\n // Match everything outside of normal chars and \" (quote character)\r\n NON_ALPHANUMERIC_REGEXP = /([^#-~ |!])/g;\r\n\r\n\r\n // Good source of info about elements and attributes\r\n // http://dev.w3.org/html5/spec/Overview.html#semantics\r\n // http://simon.html5.org/html-elements\r\n\r\n // Safe Void Elements - HTML5\r\n // http://dev.w3.org/html5/spec/Overview.html#void-elements\r\n var voidElements = stringToMap('area,br,col,hr,img,wbr');\r\n\r\n // Elements that you can, intentionally, leave open (and which close themselves)\r\n // http://dev.w3.org/html5/spec/Overview.html#optional-tags\r\n var optionalEndTagBlockElements = stringToMap('colgroup,dd,dt,li,p,tbody,td,tfoot,th,thead,tr'),\r\n optionalEndTagInlineElements = stringToMap('rp,rt'),\r\n optionalEndTagElements = extend({},\r\n optionalEndTagInlineElements,\r\n optionalEndTagBlockElements);\r\n\r\n // Safe Block Elements - HTML5\r\n var blockElements = extend({}, optionalEndTagBlockElements, stringToMap('address,article,' +\r\n 'aside,blockquote,caption,center,del,dir,div,dl,figure,figcaption,footer,h1,h2,h3,h4,h5,' +\r\n 'h6,header,hgroup,hr,ins,map,menu,nav,ol,pre,section,table,ul'));\r\n\r\n // Inline Elements - HTML5\r\n var inlineElements = extend({}, optionalEndTagInlineElements, stringToMap('a,abbr,acronym,b,' +\r\n 'bdi,bdo,big,br,cite,code,del,dfn,em,font,i,img,ins,kbd,label,map,mark,q,ruby,rp,rt,s,' +\r\n 'samp,small,span,strike,strong,sub,sup,time,tt,u,var'));\r\n\r\n // SVG Elements\r\n // https://wiki.whatwg.org/wiki/Sanitization_rules#svg_Elements\r\n // Note: the elements animate,animateColor,animateMotion,animateTransform,set are intentionally omitted.\r\n // They can potentially allow for arbitrary javascript to be executed. See #11290\r\n var svgElements = stringToMap('circle,defs,desc,ellipse,font-face,font-face-name,font-face-src,g,glyph,' +\r\n 'hkern,image,linearGradient,line,marker,metadata,missing-glyph,mpath,path,polygon,polyline,' +\r\n 'radialGradient,rect,stop,svg,switch,text,title,tspan');\r\n\r\n // Blocked Elements (will be stripped)\r\n var blockedElements = stringToMap('script,style');\r\n\r\n var validElements = extend({},\r\n voidElements,\r\n blockElements,\r\n inlineElements,\r\n optionalEndTagElements);\r\n\r\n //Attributes that have href and hence need to be sanitized\r\n var uriAttrs = stringToMap('background,cite,href,longdesc,src,xlink:href,xml:base');\r\n\r\n var htmlAttrs = stringToMap('abbr,align,alt,axis,bgcolor,border,cellpadding,cellspacing,class,clear,' +\r\n 'color,cols,colspan,compact,coords,dir,face,headers,height,hreflang,hspace,' +\r\n 'ismap,lang,language,nohref,nowrap,rel,rev,rows,rowspan,rules,' +\r\n 'scope,scrolling,shape,size,span,start,summary,tabindex,target,title,type,' +\r\n 'valign,value,vspace,width');\r\n\r\n // SVG attributes (without \"id\" and \"name\" attributes)\r\n // https://wiki.whatwg.org/wiki/Sanitization_rules#svg_Attributes\r\n var svgAttrs = stringToMap('accent-height,accumulate,additive,alphabetic,arabic-form,ascent,' +\r\n 'baseProfile,bbox,begin,by,calcMode,cap-height,class,color,color-rendering,content,' +\r\n 'cx,cy,d,dx,dy,descent,display,dur,end,fill,fill-rule,font-family,font-size,font-stretch,' +\r\n 'font-style,font-variant,font-weight,from,fx,fy,g1,g2,glyph-name,gradientUnits,hanging,' +\r\n 'height,horiz-adv-x,horiz-origin-x,ideographic,k,keyPoints,keySplines,keyTimes,lang,' +\r\n 'marker-end,marker-mid,marker-start,markerHeight,markerUnits,markerWidth,mathematical,' +\r\n 'max,min,offset,opacity,orient,origin,overline-position,overline-thickness,panose-1,' +\r\n 'path,pathLength,points,preserveAspectRatio,r,refX,refY,repeatCount,repeatDur,' +\r\n 'requiredExtensions,requiredFeatures,restart,rotate,rx,ry,slope,stemh,stemv,stop-color,' +\r\n 'stop-opacity,strikethrough-position,strikethrough-thickness,stroke,stroke-dasharray,' +\r\n 'stroke-dashoffset,stroke-linecap,stroke-linejoin,stroke-miterlimit,stroke-opacity,' +\r\n 'stroke-width,systemLanguage,target,text-anchor,to,transform,type,u1,u2,underline-position,' +\r\n 'underline-thickness,unicode,unicode-range,units-per-em,values,version,viewBox,visibility,' +\r\n 'width,widths,x,x-height,x1,x2,xlink:actuate,xlink:arcrole,xlink:role,xlink:show,xlink:title,' +\r\n 'xlink:type,xml:base,xml:lang,xml:space,xmlns,xmlns:xlink,y,y1,y2,zoomAndPan', true);\r\n\r\n var validAttrs = extend({},\r\n uriAttrs,\r\n svgAttrs,\r\n htmlAttrs);\r\n\r\n function stringToMap(str, lowercaseKeys) {\r\n return arrayToMap(str.split(','), lowercaseKeys);\r\n }\r\n\r\n function arrayToMap(items, lowercaseKeys) {\r\n var obj = {}, i;\r\n for (i = 0; i < items.length; i++) {\r\n obj[lowercaseKeys ? lowercase(items[i]) : items[i]] = true;\r\n }\r\n return obj;\r\n }\r\n\r\n function addElementsTo(elementsMap, newElements) {\r\n if (newElements && newElements.length) {\r\n extend(elementsMap, arrayToMap(newElements));\r\n }\r\n }\r\n\r\n /**\r\n * Create an inert document that contains the dirty HTML that needs sanitizing\r\n * Depending upon browser support we use one of three strategies for doing this.\r\n * Support: Safari 10.x -> XHR strategy\r\n * Support: Firefox -> DomParser strategy\r\n */\r\n var getInertBodyElement /* function(html: string): HTMLBodyElement */ = (function(window, document) {\r\n var inertDocument;\r\n if (document && document.implementation) {\r\n inertDocument = document.implementation.createHTMLDocument('inert');\r\n } else {\r\n throw $sanitizeMinErr('noinert', 'Can\\'t create an inert html document');\r\n }\r\n var inertBodyElement = (inertDocument.documentElement || inertDocument.getDocumentElement()).querySelector('body');\r\n\r\n // Check for the Safari 10.1 bug - which allows JS to run inside the SVG G element\r\n inertBodyElement.innerHTML = '';\r\n if (!inertBodyElement.querySelector('svg')) {\r\n return getInertBodyElement_XHR;\r\n } else {\r\n // Check for the Firefox bug - which prevents the inner img JS from being sanitized\r\n inertBodyElement.innerHTML = '

';\r\n if (inertBodyElement.querySelector('svg img')) {\r\n return getInertBodyElement_DOMParser;\r\n } else {\r\n return getInertBodyElement_InertDocument;\r\n }\r\n }\r\n\r\n function getInertBodyElement_XHR(html) {\r\n // We add this dummy element to ensure that the rest of the content is parsed as expected\r\n // e.g. leading whitespace is maintained and tags like `` do not get hoisted to the `` tag.\r\n html = '' + html;\r\n try {\r\n html = encodeURI(html);\r\n } catch (e) {\r\n return undefined;\r\n }\r\n var xhr = new window.XMLHttpRequest();\r\n xhr.responseType = 'document';\r\n xhr.open('GET', 'data:text/html;charset=utf-8,' + html, false);\r\n xhr.send(null);\r\n var body = xhr.response.body;\r\n body.firstChild.remove();\r\n return body;\r\n }\r\n\r\n function getInertBodyElement_DOMParser(html) {\r\n // We add this dummy element to ensure that the rest of the content is parsed as expected\r\n // e.g. leading whitespace is maintained and tags like `` do not get hoisted to the `` tag.\r\n html = '' + html;\r\n try {\r\n var body = new window.DOMParser().parseFromString(html, 'text/html').body;\r\n body.firstChild.remove();\r\n return body;\r\n } catch (e) {\r\n return undefined;\r\n }\r\n }\r\n\r\n function getInertBodyElement_InertDocument(html) {\r\n inertBodyElement.innerHTML = html;\r\n\r\n // Support: IE 9-11 only\r\n // strip custom-namespaced attributes on IE<=11\r\n if (document.documentMode) {\r\n stripCustomNsAttrs(inertBodyElement);\r\n }\r\n\r\n return inertBodyElement;\r\n }\r\n })(window, window.document);\r\n\r\n /**\r\n * @example\r\n * htmlParser(htmlString, {\r\n * start: function(tag, attrs) {},\r\n * end: function(tag) {},\r\n * chars: function(text) {},\r\n * comment: function(text) {}\r\n * });\r\n *\r\n * @param {string} html string\r\n * @param {object} handler\r\n */\r\n function htmlParserImpl(html, handler) {\r\n if (html === null || html === undefined) {\r\n html = '';\r\n } else if (typeof html !== 'string') {\r\n html = '' + html;\r\n }\r\n\r\n var inertBodyElement = getInertBodyElement(html);\r\n if (!inertBodyElement) return '';\r\n\r\n //mXSS protection\r\n var mXSSAttempts = 5;\r\n do {\r\n if (mXSSAttempts === 0) {\r\n throw $sanitizeMinErr('uinput', 'Failed to sanitize html because the input is unstable');\r\n }\r\n mXSSAttempts--;\r\n\r\n // trigger mXSS if it is going to happen by reading and writing the innerHTML\r\n html = inertBodyElement.innerHTML;\r\n inertBodyElement = getInertBodyElement(html);\r\n } while (html !== inertBodyElement.innerHTML);\r\n\r\n var node = inertBodyElement.firstChild;\r\n while (node) {\r\n switch (node.nodeType) {\r\n case 1: // ELEMENT_NODE\r\n handler.start(node.nodeName.toLowerCase(), attrToMap(node.attributes));\r\n break;\r\n case 3: // TEXT NODE\r\n handler.chars(node.textContent);\r\n break;\r\n }\r\n\r\n var nextNode;\r\n if (!(nextNode = node.firstChild)) {\r\n if (node.nodeType === 1) {\r\n handler.end(node.nodeName.toLowerCase());\r\n }\r\n nextNode = getNonDescendant('nextSibling', node);\r\n if (!nextNode) {\r\n while (nextNode == null) {\r\n node = getNonDescendant('parentNode', node);\r\n if (node === inertBodyElement) break;\r\n nextNode = getNonDescendant('nextSibling', node);\r\n if (node.nodeType === 1) {\r\n handler.end(node.nodeName.toLowerCase());\r\n }\r\n }\r\n }\r\n }\r\n node = nextNode;\r\n }\r\n\r\n while ((node = inertBodyElement.firstChild)) {\r\n inertBodyElement.removeChild(node);\r\n }\r\n }\r\n\r\n function attrToMap(attrs) {\r\n var map = {};\r\n for (var i = 0, ii = attrs.length; i < ii; i++) {\r\n var attr = attrs[i];\r\n map[attr.name] = attr.value;\r\n }\r\n return map;\r\n }\r\n\r\n\r\n /**\r\n * Escapes all potentially dangerous characters, so that the\r\n * resulting string can be safely inserted into attribute or\r\n * element text.\r\n * @param value\r\n * @returns {string} escaped text\r\n */\r\n function encodeEntities(value) {\r\n return value.\r\n replace(/&/g, '&').\r\n replace(SURROGATE_PAIR_REGEXP, function(value) {\r\n var hi = value.charCodeAt(0);\r\n var low = value.charCodeAt(1);\r\n return '&#' + (((hi - 0xD800) * 0x400) + (low - 0xDC00) + 0x10000) + ';';\r\n }).\r\n replace(NON_ALPHANUMERIC_REGEXP, function(value) {\r\n return '&#' + value.charCodeAt(0) + ';';\r\n }).\r\n replace(//g, '>');\r\n }\r\n\r\n /**\r\n * create an HTML/XML writer which writes to buffer\r\n * @param {Array} buf use buf.join('') to get out sanitized html string\r\n * @returns {object} in the form of {\r\n * start: function(tag, attrs) {},\r\n * end: function(tag) {},\r\n * chars: function(text) {},\r\n * comment: function(text) {}\r\n * }\r\n */\r\n function htmlSanitizeWriterImpl(buf, uriValidator) {\r\n var ignoreCurrentElement = false;\r\n var out = bind(buf, buf.push);\r\n return {\r\n start: function(tag, attrs) {\r\n tag = lowercase(tag);\r\n if (!ignoreCurrentElement && blockedElements[tag]) {\r\n ignoreCurrentElement = tag;\r\n }\r\n if (!ignoreCurrentElement && validElements[tag] === true) {\r\n out('<');\r\n out(tag);\r\n forEach(attrs, function(value, key) {\r\n var lkey = lowercase(key);\r\n var isImage = (tag === 'img' && lkey === 'src') || (lkey === 'background');\r\n if (validAttrs[lkey] === true &&\r\n (uriAttrs[lkey] !== true || uriValidator(value, isImage))) {\r\n out(' ');\r\n out(key);\r\n out('=\"');\r\n out(encodeEntities(value));\r\n out('\"');\r\n }\r\n });\r\n out('>');\r\n }\r\n },\r\n end: function(tag) {\r\n tag = lowercase(tag);\r\n if (!ignoreCurrentElement && validElements[tag] === true && voidElements[tag] !== true) {\r\n out('');\r\n }\r\n // eslint-disable-next-line eqeqeq\r\n if (tag == ignoreCurrentElement) {\r\n ignoreCurrentElement = false;\r\n }\r\n },\r\n chars: function(chars) {\r\n if (!ignoreCurrentElement) {\r\n out(encodeEntities(chars));\r\n }\r\n }\r\n };\r\n }\r\n\r\n\r\n /**\r\n * When IE9-11 comes across an unknown namespaced attribute e.g. 'xlink:foo' it adds 'xmlns:ns1' attribute to declare\r\n * ns1 namespace and prefixes the attribute with 'ns1' (e.g. 'ns1:xlink:foo'). This is undesirable since we don't want\r\n * to allow any of these custom attributes. This method strips them all.\r\n *\r\n * @param node Root element to process\r\n */\r\n function stripCustomNsAttrs(node) {\r\n while (node) {\r\n if (node.nodeType === window.Node.ELEMENT_NODE) {\r\n var attrs = node.attributes;\r\n for (var i = 0, l = attrs.length; i < l; i++) {\r\n var attrNode = attrs[i];\r\n var attrName = attrNode.name.toLowerCase();\r\n if (attrName === 'xmlns:ns1' || attrName.lastIndexOf('ns1:', 0) === 0) {\r\n node.removeAttributeNode(attrNode);\r\n i--;\r\n l--;\r\n }\r\n }\r\n }\r\n\r\n var nextNode = node.firstChild;\r\n if (nextNode) {\r\n stripCustomNsAttrs(nextNode);\r\n }\r\n\r\n node = getNonDescendant('nextSibling', node);\r\n }\r\n }\r\n\r\n function getNonDescendant(propName, node) {\r\n // An element is clobbered if its `propName` property points to one of its descendants\r\n var nextNode = node[propName];\r\n if (nextNode && nodeContains.call(node, nextNode)) {\r\n throw $sanitizeMinErr('elclob', 'Failed to sanitize html because the element is clobbered: {0}', node.outerHTML || node.outerText);\r\n }\r\n return nextNode;\r\n }\r\n}\r\n\r\nfunction sanitizeText(chars) {\r\n var buf = [];\r\n var writer = htmlSanitizeWriter(buf, noop);\r\n writer.chars(chars);\r\n return buf.join('');\r\n}\r\n\r\n\r\n// define ngSanitize module and register $sanitize service\r\nangular.module('ngSanitize', [])\r\n .provider('$sanitize', $SanitizeProvider)\r\n .info({ angularVersion: '1.7.2' });\r\n\r\n/**\r\n * @ngdoc filter\r\n * @name linky\r\n * @kind function\r\n *\r\n * @description\r\n * Finds links in text input and turns them into html links. Supports `http/https/ftp/sftp/mailto` and\r\n * plain email address links.\r\n *\r\n * Requires the {@link ngSanitize `ngSanitize`} module to be installed.\r\n *\r\n * @param {string} text Input text.\r\n * @param {string} [target] Window (`_blank|_self|_parent|_top`) or named frame to open links in.\r\n * @param {object|function(url)} [attributes] Add custom attributes to the link element.\r\n *\r\n * Can be one of:\r\n *\r\n * - `object`: A map of attributes\r\n * - `function`: Takes the url as a parameter and returns a map of attributes\r\n *\r\n * If the map of attributes contains a value for `target`, it overrides the value of\r\n * the target parameter.\r\n *\r\n *\r\n * @returns {string} Html-linkified and {@link $sanitize sanitized} text.\r\n *\r\n * @usage\r\n \r\n *\r\n * @example\r\n \r\n \r\n

\r\n Snippet: \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n
FilterSourceRendered
linky filter\r\n 
<div ng-bind-html=\"snippet | linky\">
</div>
\r\n 		\r\n
\r\n
linky target\r\n 
<div ng-bind-html=\"snippetWithSingleURL | linky:'_blank'\">
</div>
\r\n 		\r\n
\r\n
linky custom attributes\r\n 
<div ng-bind-html=\"snippetWithSingleURL | linky:'_self':{rel: 'nofollow'}\">
</div>
\r\n 		\r\n
\r\n
no filter
<div ng-bind=\"snippet\">
</div>
\r\n \r\n \r\n angular.module('linkyExample', ['ngSanitize'])\r\n .controller('ExampleController', ['$scope', function($scope) {\r\n $scope.snippet =\r\n 'Pretty text with some links:\\n' +\r\n 'http://angularjs.org/,\\n' +\r\n 'mailto:us@somewhere.org,\\n' +\r\n 'another@somewhere.org,\\n' +\r\n 'and one more: ftp://127.0.0.1/.';\r\n $scope.snippetWithSingleURL = 'http://angularjs.org/';\r\n }]);\r\n \r\n \r\n it('should linkify the snippet with urls', function() {\r\n expect(element(by.id('linky-filter')).element(by.binding('snippet | linky')).getText()).\r\n toBe('Pretty text with some links: http://angularjs.org/, us@somewhere.org, ' +\r\n 'another@somewhere.org, and one more: ftp://127.0.0.1/.');\r\n expect(element.all(by.css('#linky-filter a')).count()).toEqual(4);\r\n });\r\n\r\n it('should not linkify snippet without the linky filter', function() {\r\n expect(element(by.id('escaped-html')).element(by.binding('snippet')).getText()).\r\n toBe('Pretty text with some links: http://angularjs.org/, mailto:us@somewhere.org, ' +\r\n 'another@somewhere.org, and one more: ftp://127.0.0.1/.');\r\n expect(element.all(by.css('#escaped-html a')).count()).toEqual(0);\r\n });\r\n\r\n it('should update', function() {\r\n element(by.model('snippet')).clear();\r\n element(by.model('snippet')).sendKeys('new http://link.');\r\n expect(element(by.id('linky-filter')).element(by.binding('snippet | linky')).getText()).\r\n toBe('new http://link.');\r\n expect(element.all(by.css('#linky-filter a')).count()).toEqual(1);\r\n expect(element(by.id('escaped-html')).element(by.binding('snippet')).getText())\r\n .toBe('new http://link.');\r\n });\r\n\r\n it('should work with the target property', function() {\r\n expect(element(by.id('linky-target')).\r\n element(by.binding(\"snippetWithSingleURL | linky:'_blank'\")).getText()).\r\n toBe('http://angularjs.org/');\r\n expect(element(by.css('#linky-target a')).getAttribute('target')).toEqual('_blank');\r\n });\r\n\r\n it('should optionally add custom attributes', function() {\r\n expect(element(by.id('linky-custom-attributes')).\r\n element(by.binding(\"snippetWithSingleURL | linky:'_self':{rel: 'nofollow'}\")).getText()).\r\n toBe('http://angularjs.org/');\r\n expect(element(by.css('#linky-custom-attributes a')).getAttribute('rel')).toEqual('nofollow');\r\n });\r\n \r\n \r\n */\r\nangular.module('ngSanitize').filter('linky', ['$sanitize', function($sanitize) {\r\n var LINKY_URL_REGEXP =\r\n /((s?ftp|https?):\\/\\/|(www\\.)|(mailto:)?[A-Za-z0-9._%+-]+@)\\S*[^\\s.;,(){}<>\"\\u201d\\u2019]/i,\r\n MAILTO_REGEXP = /^mailto:/i;\r\n\r\n var linkyMinErr = angular.$$minErr('linky');\r\n var isDefined = angular.isDefined;\r\n var isFunction = angular.isFunction;\r\n var isObject = angular.isObject;\r\n var isString = angular.isString;\r\n\r\n return function(text, target, attributes) {\r\n if (text == null || text === '') return text;\r\n if (!isString(text)) throw linkyMinErr('notstring', 'Expected string but received: {0}', text);\r\n\r\n var attributesFn =\r\n isFunction(attributes) ? attributes :\r\n isObject(attributes) ? function getAttributesObject() {return attributes;} :\r\n function getEmptyAttributesObject() {return {};};\r\n\r\n var match;\r\n var raw = text;\r\n var html = [];\r\n var url;\r\n var i;\r\n while ((match = raw.match(LINKY_URL_REGEXP))) {\r\n // We can not end in these as they are sometimes found at the end of the sentence\r\n url = match[0];\r\n // if we did not match ftp/http/www/mailto then assume mailto\r\n if (!match[2] && !match[4]) {\r\n url = (match[3] ? 'http://' : 'mailto:') + url;\r\n }\r\n i = match.index;\r\n addText(raw.substr(0, i));\r\n addLink(url, match[0].replace(MAILTO_REGEXP, ''));\r\n raw = raw.substring(i + match[0].length);\r\n }\r\n addText(raw);\r\n return $sanitize(html.join(''));\r\n\r\n function addText(text) {\r\n if (!text) {\r\n return;\r\n }\r\n html.push(sanitizeText(text));\r\n }\r\n\r\n function addLink(url, text) {\r\n var key, linkAttributes = attributesFn(url);\r\n html.push('');\r\n addText(text);\r\n html.push('');\r\n }\r\n };\r\n}]);\r\n\r\n\r\n})(window, window.angular);\r\n"],"file":"../../angular-1.7.2/angular-sanitize.js"}