goog.html.TrustedResourceUrl.fromConstant
), and not by invoking its
constructor. The constructor intentionally takes no parameters and the type
is immutable; hence only a default instance corresponding to the empty
string can be obtained via constructor invocation.
goog.html.TrustedResourceUrl |
![]()
Returns this URLs directionality, which is always
LTR .
|
code » | |
![]()
Returns this TrustedResourceUrl's value as a string.
IMPORTANT: In code where it is security relevant that an object's type is
indeed
TrustedResourceUrl , use
goog.html.TrustedResourceUrl.unwrap instead of this method. If in
doubt, assume that it's security relevant. In particular, note that
goog.html functions which return a goog.html type do not guarantee that
the returned instance is of the right type. For example:
var fakeSafeHtml = new String('fake'); fakeSafeHtml.__proto__ = goog.html.SafeHtml.prototype; var newSafeHtml = goog.html.SafeHtml.htmlEscape(fakeSafeHtml); // newSafeHtml is just an alias for fakeSafeHtml, it's passed through by // goog.html.SafeHtml.htmlEscape() as fakeSafeHtml instanceof // goog.html.SafeHtml. |
code » | |
![]()
Returns a debug string-representation of this value.
To obtain the actual string value wrapped in a TrustedResourceUrl, use
goog.html.TrustedResourceUrl.unwrap .
|
code » |
![]()
A type marker used to implement additional run-time type checking.
|
Code » | |
![]()
No description.
|
Code » | |
![]()
No description.
|
Code » | |
![]()
The contained value of this TrustedResourceUrl. The field has a purposely
ugly name to make (non-compiled) code that attempts to directly access this
field stand out.
|
Code » |
![]()
Utility method to create TrustedResourceUrl instances.
This function is considered "package private", i.e. calls (using "suppress
visibility") from other files within this package are considered acceptable.
DO NOT call this function from outside the goog.html package; use appropriate
wrappers instead.
Arguments:
Returns: !goog.html.TrustedResourceUrl
The initialized TrustedResourceUrl
object.
|
code » | ||
Creates a TrustedResourceUrl object from a compile-time constant string.
Compile-time constant strings are inherently program-controlled and hence
trusted.
Arguments:
|
code » | ||
Performs a runtime check that the provided object is indeed a
TrustedResourceUrl object, and returns its value.
Arguments:
Returns: string
The trustedResourceUrl object's contained string, unless
the run-time type check fails. In that case,
unwrap returns an
innocuous string, or, if assertions are enabled, throws
goog.asserts.AssertionError .
|
code » |
![]()
Type marker for the TrustedResourceUrl type, used to implement additional
run-time type checking.
|
Code » |