SecLists/Pattern-Matching/dangerous-functions-angular.txt

# Angular pipes
bypassSecurityTrustHtml
bypassSecurityTrustScript
bypassSecurityTrustStyle
bypassSecurityTrustUrl
bypassSecurityTrustResourceUrl

# Angular inputs
[innerHTML] #Insert given HTML without escaping dangerous characters

# angular.js (aka Angular 1)
trustAsHtml
$eval
$evalAsync
Update Angular dangerous functions 2020-01-31 17:26:08 +03:30			`# Angular pipes`
Add list of dangerous Angular/AngularJS functions (for #367) 2019-11-07 17:08:37 +01:00			`bypassSecurityTrustHtml`
			`bypassSecurityTrustScript`
			`bypassSecurityTrustStyle`
			`bypassSecurityTrustUrl`
			`bypassSecurityTrustResourceUrl`
Update Angular dangerous functions 2020-01-31 17:26:08 +03:30
			`# Angular inputs`
Update Angular dangerous functions 2020-01-31 17:27:18 +03:30			`[innerHTML] #Insert given HTML without escaping dangerous characters`
Update Angular dangerous functions 2020-01-31 17:26:08 +03:30
			`# angular.js (aka Angular 1)`
Add list of dangerous Angular/AngularJS functions (for #367) 2019-11-07 17:08:37 +01:00			`trustAsHtml`
			`$eval`
			`$evalAsync`