New regexp to trust urls with.
Current RegExp if called without value or self for chaining otherwise.
Defines the security context for DOM properties bound by ng-prop-*.
The element name or '*' to match any element.
The DOM property name.
The $sce security context in which this value is safe for use, e.g. $sce.URL
this
for chaining
Name of the component in camelCase (i.e. myComp
which will match <my-comp>
),
or an object map of components where the keys are the names and the values are the component definition objects.
Component definition object (a simplified {directive definition object}), with the following properties (all optional):
controller
– {(string|function()=}
– controller constructor function that should be
associated with newly created scope or the name of a {controller} if passed as a string. An empty noop
function by default.
controllerAs
– {string=}
– identifier name for to reference the controller in the component's scope.
If present, the controller will be published to scope under the controllerAs
name.
If not present, this will default to be $ctrl
.
template
– {string=|function()=}
– html template as a string or a function that
returns an html template as a string which should be used as the contents of this component.
Empty string by default.
If template
is a function, then it is {injected} with
the following locals:
$element
- Current element$attrs
- Current attributes object for the elementtemplateUrl
– {string=|function()=}
– path or function that returns a path to an html
template that should be used as the contents of this component.
If templateUrl
is a function, then it is {injected} with
the following locals:
$element
- Current element$attrs
- Current attributes object for the elementbindings
– {object=}
– defines bindings between DOM attributes and component properties.
Component properties are always bound to the component controller and not to the scope.
See {bindToController
}.
transclude
– {boolean=}
– whether {content transclusion} is enabled.
Disabled by default.
require
- {Object<string, string>=}
- requires the controllers of other directives and binds them to
this component's controller. The object keys specify the property names under which the required
controllers (object values) will be bound. See {require
}.
$...
– additional properties to attach to the directive factory function and the controller
constructor function. (This is used by the component router to annotate)
the compile provider itself, for chaining of function calls.
Register a new directive with the compiler.
Name of the directive in camel-case (i.e. ngBind
which will match
as ng-bind
), or an object map of directives where the keys are the names and the values
are the factories.
An injectable directive factory function. See the guide/directive directive guide and the $compile compile API for more info.
Self for chaining.
Retrieves or overrides the default regular expression that is used for determining trusted safe urls during img[src] sanitization.
The sanitization is a security measure aimed at prevent XSS attacks via html links.
Any url about to be assigned to img[src] via data-binding is first normalized and turned into
an absolute url. Afterwards, the url is matched against the imgSrcSanitizationTrustedUrlList
regular expression. If a match is found, the original url is written into the dom. Otherwise,
the absolute url is prefixed with 'unsafe:'
string and only then is it written into the DOM.
New regexp to trust urls with.
Current RegExp if called without value or self for chaining otherwise.
Static
$inject
Retrieves or overrides the default regular expression that is used for determining trusted safe urls during a[href] sanitization.
The sanitization is a security measure aimed at preventing XSS attacks via html links.
Any url about to be assigned to a[href] via data-binding is first normalized and turned into an absolute url. Afterwards, the url is matched against the
aHrefSanitizationTrustedUrlList
regular expression. If a match is found, the original url is written into the dom. Otherwise, the absolute url is prefixed with'unsafe:'
string and only then is it written into the DOM.