fix(core): hardening rules related to the attribute order on <iframe> elements #47935
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
AndrewKushnir
added
state: WIP
area: core
AndrewKushnir
force-pushed
the
attr_order_hybrid
branch
2 times, most recently
from
4b7207c
to
5d36cbe
Compare
|
Note: this PR would also require a TGP. |
AndrewKushnir
added
action: review
AndrewKushnir
added
the
action: global presubmit
AndrewKushnir
force-pushed
the
attr_order_hybrid
branch
from
5d36cbe
to
c7618a9
Compare
|
TGP. |
alxhub
force-pushed
the
attr_order_hybrid
branch
2 times, most recently
from
135e9aa
to
daa70fb
Compare
alxhub
approved these changes
Nov 2, 2022
pkozlowski-opensource
approved these changes
Nov 2, 2022
alxhub
added
action: merge
…lements This commit updates the logic related to the attribute order on iframes and makes the rules more strict. There is a set of iframe attributes that may affect the behavior of an iframe, this change enforces that these attributes are applied before an `src` or `srcdoc` attributes are applied to an iframe, so that they are taken into account. If Angular detects that some of the attributes are set after the `src` or `srcdoc`, it throws an error message, which contains the name of ann attribute that is causing the problem and the name of a Component where an iframe is located. In most cases, it should be enough to change the order of attributes in a template to move the `src` or `srcdoc` ones to the very end. BREAKING CHANGE: Existing iframe usages may have `src` or `srcdoc` preceding other attributes. Such usages may need to be updated to ensure compliance with the new stricter rules around iframe bindings.
alxhub
force-pushed
the
attr_order_hybrid
branch
from
daa70fb
to
b6795c1
Compare
angular-robot
bot
added
the
detected: breaking change
alxhub
pushed a commit
that referenced
this pull request
Nov 2, 2022
…lements (#47935) This commit updates the logic related to the attribute order on iframes and makes the rules more strict. There is a set of iframe attributes that may affect the behavior of an iframe, this change enforces that these attributes are applied before an `src` or `srcdoc` attributes are applied to an iframe, so that they are taken into account. If Angular detects that some of the attributes are set after the `src` or `srcdoc`, it throws an error message, which contains the name of ann attribute that is causing the problem and the name of a Component where an iframe is located. In most cases, it should be enough to change the order of attributes in a template to move the `src` or `srcdoc` ones to the very end. BREAKING CHANGE: Existing iframe usages may have `src` or `srcdoc` preceding other attributes. Such usages may need to be updated to ensure compliance with the new stricter rules around iframe bindings. PR Close #47935
alxhub
added
target: minor
pkozlowski-opensource
approved these changes
Nov 2, 2022
alxhub
approved these changes
Nov 2, 2022
|
This PR was merged into the repository by commit 2d08965. |
AndrewKushnir
removed
the
action: global presubmit
AndrewKushnir
added a commit
to AndrewKushnir/angular
that referenced
this pull request
Nov 2, 2022
…lements (angular#47935) This commit updates the logic related to the attribute order on iframes and makes the rules more strict. There is a set of iframe attributes that may affect the behavior of an iframe, this change enforces that these attributes are applied before an `src` or `srcdoc` attributes are applied to an iframe, so that they are taken into account. If Angular detects that some of the attributes are set after the `src` or `srcdoc`, it throws an error message, which contains the name of ann attribute that is causing the problem and the name of a Component where an iframe is located. In most cases, it should be enough to change the order of attributes in a template to move the `src` or `srcdoc` ones to the very end. BREAKING CHANGE: Existing iframe usages may have `src` or `srcdoc` preceding other attributes. Such usages may need to be updated to ensure compliance with the new stricter rules around iframe bindings.
AndrewKushnir
added a commit
to AndrewKushnir/angular
that referenced
this pull request
Nov 2, 2022
…lements (angular#47935) This commit updates the logic related to the attribute order on iframes and makes the rules more strict. There is a set of iframe attributes that may affect the behavior of an iframe, this change enforces that these attributes are applied before an `src` or `srcdoc` attributes are applied to an iframe, so that they are taken into account. If Angular detects that some of the attributes are set after the `src` or `srcdoc`, it throws an error message, which contains the name of ann attribute that is causing the problem and the name of a Component where an iframe is located. In most cases, it should be enough to change the order of attributes in a template to move the `src` or `srcdoc` ones to the very end. BREAKING CHANGE: Existing iframe usages may have `src` or `srcdoc` preceding other attributes. Such usages may need to be updated to ensure compliance with the new stricter rules around iframe bindings. PR Close angular#47935
AndrewKushnir
added a commit
to AndrewKushnir/angular
that referenced
this pull request
Nov 3, 2022
…lements (angular#47935) This commit updates the logic related to the attribute order on iframes and makes the rules more strict. There is a set of iframe attributes that may affect the behavior of an iframe, this change enforces that these attributes are applied before an `src` or `srcdoc` attributes are applied to an iframe, so that they are taken into account. If Angular detects that some of the attributes are set after the `src` or `srcdoc`, it throws an error message, which contains the name of ann attribute that is causing the problem and the name of a Component where an iframe is located. In most cases, it should be enough to change the order of attributes in a template to move the `src` or `srcdoc` ones to the very end. BREAKING CHANGE: Existing iframe usages may have `src` or `srcdoc` preceding other attributes. Such usages may need to be updated to ensure compliance with the new stricter rules around iframe bindings. PR Close angular#47935
This was referenced Nov 3, 2022
Merged
AndrewKushnir
added a commit
to AndrewKushnir/angular
that referenced
this pull request
Nov 3, 2022
…lements (angular#47935) This commit updates the logic related to the attribute order on iframes and makes the rules more strict. There is a set of iframe attributes that may affect the behavior of an iframe, this change enforces that these attributes are applied before an `src` or `srcdoc` attributes are applied to an iframe, so that they are taken into account. If Angular detects that some of the attributes are set after the `src` or `srcdoc`, it throws an error message, which contains the name of ann attribute that is causing the problem and the name of a Component where an iframe is located. In most cases, it should be enough to change the order of attributes in a template to move the `src` or `srcdoc` ones to the very end. BREAKING CHANGE: Existing iframe usages may have `src` or `srcdoc` preceding other attributes. Such usages may need to be updated to ensure compliance with the new stricter rules around iframe bindings.
AndrewKushnir
added a commit
to AndrewKushnir/angular
that referenced
this pull request
Nov 3, 2022
…iframe elements (angular#47935)" This reverts commit 2d08965. The reason for revert is that we've identified some issues with implementation. The issues will get addressed soon and the fix would be re-submitted.
AndrewKushnir
added a commit
to AndrewKushnir/angular
that referenced
this pull request
Nov 3, 2022
…iframe elements (angular#47935)" This reverts commit d4b3c0b.
AndrewKushnir
added a commit
that referenced
this pull request
Nov 4, 2022
AndrewKushnir
added a commit
to AndrewKushnir/angular
that referenced
this pull request
Nov 4, 2022
…lements (angular#47935) This commit updates the logic related to the attribute order on iframes and makes the rules more strict. There is a set of iframe attributes that may affect the behavior of an iframe, this change enforces that these attributes are applied before an `src` or `srcdoc` attributes are applied to an iframe, so that they are taken into account. If Angular detects that some of the attributes are set after the `src` or `srcdoc`, it throws an error message, which contains the name of ann attribute that is causing the problem and the name of a Component where an iframe is located. In most cases, it should be enough to change the order of attributes in a template to move the `src` or `srcdoc` ones to the very end. BREAKING CHANGE: Existing iframe usages may have `src` or `srcdoc` preceding other attributes. Such usages may need to be updated to ensure compliance with the new stricter rules around iframe bindings. PR Close angular#47935
nouraellm
pushed a commit
to nouraellm/angular
that referenced
this pull request
Nov 6, 2022
…lements (angular#47935) This commit updates the logic related to the attribute order on iframes and makes the rules more strict. There is a set of iframe attributes that may affect the behavior of an iframe, this change enforces that these attributes are applied before an `src` or `srcdoc` attributes are applied to an iframe, so that they are taken into account. If Angular detects that some of the attributes are set after the `src` or `srcdoc`, it throws an error message, which contains the name of ann attribute that is causing the problem and the name of a Component where an iframe is located. In most cases, it should be enough to change the order of attributes in a template to move the `src` or `srcdoc` ones to the very end. BREAKING CHANGE: Existing iframe usages may have `src` or `srcdoc` preceding other attributes. Such usages may need to be updated to ensure compliance with the new stricter rules around iframe bindings. PR Close angular#47935
nouraellm
pushed a commit
to nouraellm/angular
that referenced
this pull request
Nov 6, 2022
…iframe elements (angular#47935)" (angular#47959) This reverts commit 2d08965. The reason for revert is that we've identified some issues with implementation. The issues will get addressed soon and the fix would be re-submitted. PR Close angular#47959
|
This issue has been automatically locked due to inactivity. Read more about our automatic conversation locking policy. This action has been performed automatically by a bot. |
trekladyone
pushed a commit
to trekladyone/angular
that referenced
this pull request
Feb 1, 2023
…lements (angular#47935) This commit updates the logic related to the attribute order on iframes and makes the rules more strict. There is a set of iframe attributes that may affect the behavior of an iframe, this change enforces that these attributes are applied before an `src` or `srcdoc` attributes are applied to an iframe, so that they are taken into account. If Angular detects that some of the attributes are set after the `src` or `srcdoc`, it throws an error message, which contains the name of ann attribute that is causing the problem and the name of a Component where an iframe is located. In most cases, it should be enough to change the order of attributes in a template to move the `src` or `srcdoc` ones to the very end. BREAKING CHANGE: Existing iframe usages may have `src` or `srcdoc` preceding other attributes. Such usages may need to be updated to ensure compliance with the new stricter rules around iframe bindings. PR Close angular#47935
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This commit updates the logic related to the attribute order on <iframe>s and makes the rules more strict. There is a set of <iframe> attributes that may affect the behavior of an <iframe>, this change enforces that these attributes are applied before an
srcorsrcdocattributes are applied to an <iframe>, so that they are taken into account.If Angular detects that some of the attributes are set after the
srcorsrcdoc, it throws an error message, which contains the name of an attribute that is causing the problem and the name of a Component where an <iframe> is located. In most cases, it should be enough to change the order of attributes in a template to move thesrcorsrcdocones to the very end.PR Type
What kind of change does this PR introduce?
Does this PR introduce a breaking change?