Morph MORPH
SIGN IN SIGN UP
angular / angular.js UNCLAIMED

AngularJS - HTML enhanced for web apps!

0 0 0 JavaScript

fix($parse): disallow access to Function constructor

Enhances sandboxing of Angular Expressions to prevent attacks via:

  {}.toString.constructor(alert("evil JS code"))
C
Chirayu Krishnappa committed
5349b20097dc5cdff0216ee219ac5f6e6ef8c219
Parent: fd87eb0
Committed by Igor Minar <igor@angularjs.org> on 7/3/2013, 7:03:56 AM