docs(ngMessages): Clarify ngMessages docs #14056
Conversation
During parent structural animations, ongoing animations on child elements are closed. These child elements are identified by their data-ng-animate attribute. If an element is the clone of an animating element, it might have this attribute, but no animation runner associated with it, so we need to ignore it. Fixes #11992 Closes #13424
…ations The new prepare class is added before the animation is pushed to the queue and removed before the animation runs, i.e. it is immediately available when a structural animation (enter, leave, move) is initialized. The class can be used to apply CSS to explicitly hide these elements to prevent a flash of content before the animation runs. This can happen if a structural animation (such as ng-if) sits at the bottom of a tree which has ng-class animations on the parents. Because child animations are spaced out with requestAnimationFrame, the ng-enter class might not be applied in time, so the ng.if element is briefly visible before its animation starts.
…mple The example has been expanded to make it easier to provoke the behavior that the description is talking about (rollbackViewValue and programmatic model updates) Related #13340
All the resolves for a route are now attached to the route's local scope,
as the property whose name is given by the `resolveAs` property on the
route definition.
If `resolveAs` is not specified it defaults to `$resolve`.
This will make it easier to use `ngRoute`, by being able to reference all
the resolve values for the route, directly on the scope, rather than having
to implement a controller just to copy the resolves across manually.
For example, rather than
```js
$routeProvider.when('/', {
resolve: {
item1: ($http) => $http.get(...),
item2: ($http) => $http.get(...)
},
template: '<my-app item1="vm.item1" item2="vm.item2">'</my-app>`,
controllerAs: 'vm',
controller: ['item1', 'item2', function(item1, item2) {
this.item1 = item1;
this.item2 = item2;
}]
});
```
one can now do
```js
$routeProvider.when('/', {
resolve: {
item1: ($http) => $http.get(...),
item2: ($http) => $http.get(...)
},
template: '<my-app item1="$resolve.item1" item2="$resolve.item2">'</my-app>`
});
```
BREAKING CHANGE:
A new property is being attached to the scope of the route. The default name
for this property is `$resolve`. If your scope already contains a property
with this name then it will be hidden or overwritten.
In this case, you should choose a custom name for this property, that will
not collide with other properties on the scope, by specifying the `resolveAs`
property on the route.
Closes #13400
Previously $rootScope would be new for each test, but old $rootScopes would never be destroyed. Now that we are able to destroy the $rootScope, doing so provides an opportunity for code to clean up things like long-lived event handlers between tests. Closes #13433
"any of the parameter value" contains plural (any of the) as well as singular (value). Fixed to be singular to match the rest of the text block. Closes #13448
…ontent exists Closes #11839
…ional slot Previously the contents of the `ngTransclude` element would always be emptied, even if there was no transclusion to replace it. Now, optional slots that have not been filled with content will not cause the `ngTransclude` contents to be emptied. Closes #13426
Prevent malicious attacks involving assignment on `constructor` properties. Closes #13417
The use element can reference external svg's (same origin) and can include xlink javascript urls or foreign object that can execute xss. This change disallows `<use>` elements in sanitized SVG markup. An example of a malicious SVG document would be: SVG to sanitize: ``` <svg><use xlink:href="test.svg#xss" /></svg> ``` External SVG file (test.svg) ``` <?xml version="1.0" encoding="UTF-8" standalone="no"?> <svg xmlns:svg="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg" width="100" height="100" id="xss"> <a xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="javascript:alert(1)"> <circle cx="50" cy="50" r="40" stroke="black" stroke-width="3" fill="red" /> </a> </svg> ``` Here the SVG to sanitize loads in the `test.svg` file via the `<use>` element. The sanitizer is not able to parse this file, which contains malicious executable mark-up. This can only be taken advantage of if the external file is available via the same origin restrictions in place. Closes #13453 BREAKING CHANGE: The `<use>` element is now removed from SVG passed to the `$sanitize` service. This element is only used to import external SVG resources, which is a security risk as the `$sanitize` service does not have access to the resource in order to sanitize it.
The original statement is in the past tense (as if it were referring to a previous step of the tutorial). The mentioned changes, however, are being done in this setp. Closes #13452
You cannot create new objects inside Angular expressions. For example:
{{ new Date() }} expression fails.
Updated example which manually injects the filter. It matches sibling example in functionality. Also put html, js and css into separate files. Also change anchors to buttons. Closes #13402
Also, updated the corresponding entry in changelog. This came up in c054288#commitcomment-14783993.
| * | ||
| * Within this container we create separate elements for each of the possible errors that `myField` could be annotated with. Exactly | ||
| * which error a particular element corresponds to is declared using the `ngMessage` attribute - for example, `ng-message="required"` | ||
| * specified that this particular element should be displayed when the corresponding field is `required` but has no value. |
There was a problem hiding this comment.
This is imo too specific and could simply be "should be displayed when myField has the required error."
|
The idea to make this clear is good, but atm the changes need some work. I particularly don't like the wording "container" since it makes it sound like it's a different element than the |
|
We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for the commit author(s). If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google. |
1 similar comment
|
We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for the commit author(s). If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google. |
|
Thanks for the feedback, please take a look at the changes and let me know. I'll try to fix the CLA again in the meantime... |
|
I've signed it... again.... |
| * In order to show error messages corresponding to `myField` we first create an element with an `ngMessages` attribute | ||
| * set to the `$error` object owned by the `myField` input in our `myForm` form. | ||
| * | ||
| * Within this element we then create separate elements for each of the possible errors that the user's submission for |
There was a problem hiding this comment.
that the user's submission for myField could have -> that myField could have
|
I've left a few more comments to make the text a little less wordy and verbose, otherwise it looks good. |
|
We found a Contributor License Agreement for you (the sender of this pull request) and all commit authors, but as best as we can tell these commits were authored by someone else. If that's the case, please add them to this pull request and have them confirm that they're okay with these commits being contributed to Google. If we're mistaken and you did author these commits, just reply here to confirm. |
1 similar comment
|
We found a Contributor License Agreement for you (the sender of this pull request) and all commit authors, but as best as we can tell these commits were authored by someone else. If that's the case, please add them to this pull request and have them confirm that they're okay with these commits being contributed to Google. If we're mistaken and you did author these commits, just reply here to confirm. |
|
I tried to fix the email address issue by applying the script at https://help.github.com/articles/changing-author-info/ but it's broken the entire commit history. You'll have to bear with me while I fix this! |
|
I have closed this PR as it was a bit of a mess, please see #14103 for further discussion. |
Clarification of the core functionality of the ngMessages module
Addresses #14054