You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jan 6, 2025. It is now read-only.
The sanitization should work the same as without flex-layout module
What is the current behavior?
: is being split in style value and may result in invalid (unsafe) style when sanitazing, warning: sanitizing unsafe style value url(https (see http://g.co/ng/security#xss)., the style is applied then correctly, just the warning shouldn't be there.
Bug Report
What is the expected behavior?
The sanitization should work the same as without flex-layout module
What is the current behavior?
:is being split in style value and may result in invalid (unsafe) style when sanitazing, warning:sanitizing unsafe style value url(https (see http://g.co/ng/security#xss)., the style is applied then correctly, just the warning shouldn't be there.What are the steps to reproduce?
Open console in:
https://stackblitz.com/edit/angular-flex-layout-seed-ubokny
Which versions of Angular, Material, OS, TypeScript, browsers are affected?
Angular@7.1.3 + flex-layout@7.0.0-beta.21
(maybe those two aren't supposed to work together? if so then please disregard this issue)
Is there anything else we should know?
I guess the
stringToKeyValueis at fault as it assumes there is no other colon in the string.https://github.com/angular/flex-layout/blob/master/src/lib/extended/style/style-transforms.ts#L81