safe.js
No description.

File Location

/goog/dom/safe.js


Public Protected Private

Global Functions

goog.dom.safe.documentWrite(dochtml)
Writes known-safe HTML to a document.
Arguments:
doc : !Document
The document to be written to.
html : !goog.html.SafeHtml
The known-safe HTML to assign.
code »
goog.dom.safe.setAnchorHref(anchorurl)
Safely assigns a URL to an anchor element's href property. If url is of type goog.html.SafeUrl, its value is unwrapped and assigned to anchor's href property. If url is of type string however, it is first sanitized using goog.html.SafeUrl.sanitize. Example usage: goog.dom.safe.setAnchorHref(anchorEl, url); which is a safe alternative to anchorEl.href = url; The latter can result in XSS vulnerabilities if url is a user-/attacker-controlled value.
Arguments:
anchor : !HTMLAnchorElement
The anchor element whose href property is to be assigned to.
url : string | !goog.html.SafeUrl
The URL to assign.
code »
goog.dom.safe.setInnerHtml(elemhtml)
Assigns known-safe HTML to an element's innerHTML property.
Arguments:
elem : !Element
The element whose innerHTML is to be assigned to.
html : !goog.html.SafeHtml
The known-safe HTML to assign.
code »
goog.dom.safe.setLocationHref(locurl)
Safely assigns a URL to a Location object's href property. If url is of type goog.html.SafeUrl, its value is unwrapped and assigned to loc's href property. If url is of type string however, it is first sanitized using goog.html.SafeUrl.sanitize. Example usage: goog.dom.safe.setLocationHref(document.location, redirectUrl); which is a safe alternative to document.location.href = redirectUrl; The latter can result in XSS vulnerabilities if redirectUrl is a user-/attacker-controlled value.
Arguments:
loc : !Location
The Location object whose href property is to be assigned to.
url : string | !goog.html.SafeUrl
The URL to assign.
code »

Directory dom

File Reference