ngSanitize remove valids SVG elements

[eXon]

ngSanitize does not support some very basics SVG elements.

An example of something not working with ng-bind-html:

ng-bind-html="data"

$scope.data = '<circle cx="50" cy="50" r="40" stroke="black" stroke-width="3" fill="red" />';

Their is many legits SVG elements that are not supported.

Their is an extensive list here: https://developer.mozilla.org/en-US/docs/Web/SVG/Element

I think ngSanitize should keep all of them. I can't think of any security reasons why we shouldn't.

The only though I have is wether we want to keep ngSanitize only for html5 or should we support more. SVG is being used a lot with angular now.

[IgorMinar]

yeah this sounds reasonable. anyone wants to send a clean PR that whitelists legit svg elements.

[eXon]

Perfect! I will take care of it and follow the PR checklist :)

[eXon]

Well you've been faster than me. Thank you for the fix :-)

[christianliebel]

@eXon You're welcome. That was a nice task to accomplish during ngEurope. ;-)