|
| 1 | + |
| 2 | +<a name="1.8.0"></a> |
| 3 | +# 1.8.0 nested-vaccination (2020-06-01) |
| 4 | + |
| 5 | +## Bug Fixes |
| 6 | +- **jqLite:** |
| 7 | + - prevent possible XSS due to regex-based HTML replacement |
| 8 | + ([2df43c](https://github.com/angular/angular.js/commit/2df43c07779137d1bddf7f3b282a1287a8634acd)) |
| 9 | + |
| 10 | +## Breaking Changes |
| 11 | + |
| 12 | +### **jqLite** due to: |
| 13 | + - **[2df43c](https://github.com/angular/angular.js/commit/2df43c07779137d1bddf7f3b282a1287a8634acd)**: prevent possible XSS due to regex-based HTML replacement |
| 14 | + |
| 15 | +JqLite no longer turns XHTML-like strings like `<div /><span />` to sibling elements `<div></div><span></span>` |
| 16 | +when not in XHTML mode. Instead it will leave them as-is. The browser, in non-XHTML mode, will convert these to: |
| 17 | +`<div><span></span></div>`. |
| 18 | + |
| 19 | +This is a security fix to avoid an XSS vulnerability if a new jqLite element is created from a user-controlled HTML string. |
| 20 | +If you must have this functionality and understand the risk involved then it is posible to restore the original behavior by calling |
| 21 | + |
| 22 | +```js |
| 23 | +angular.UNSAFE_restoreLegacyJqLiteXHTMLReplacement(); |
| 24 | +``` |
| 25 | + |
| 26 | +But you should adjust your code for this change and remove your use of this function as soon as possible. |
| 27 | + |
| 28 | +Note that this only patches jqLite. If you use jQuery 3.5.0 or newer, please read the [jQuery 3.5 upgrade guide](https://jquery.com/upgrade-guide/3.5/) for more details about the workarounds. |
| 29 | + |
| 30 | + |
1 | 31 | <a name="1.7.9"></a>
|
2 | 32 | # 1.7.9 pollution-eradication (2019-11-19)
|
3 | 33 |
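Review bot: typo in the Breaking Changes paragraph of the 1.8.0 entry: "it is posible to restore" should read "it is possible to restore". While editing that paragraph, consider saying explicitly what "the risk involved" is, namely that calling `angular.UNSAFE_restoreLegacyJqLiteXHTMLReplacement()` reintroduces the XSS described in the same entry whenever a jqLite element is created from a user-controlled HTML string, and whether the restore applies to all subsequent jqLite element creation rather than to a single call, so readers do not mistake it for a scoped opt-in.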
|
|