Pengertian Angular Js
AngularJS adalah sebuah kerangka framework Javascript bersifat terbuka atau open source yang di kembangkan atau di bangun oleh tim Google. angularjs menggunakan metode MVC [Model View Controller] yang membuat source code aplikasi menjadi rapi dan mudah di kembangkan. sampai saat ini angular.js sudah menjadi salah satu framework javascript yang paling populer dan sangat banyak di gunakan oleh para developer di seluruh dunia untuk membangun aplikasi. kehandalan dari angular.js sendiri tidak bisa di ragukan lagi, salah satu faktornya karena di kembangkan oleh para tim ahli dari google.
Fitur Umum Angular Js
Fitur Utama Dalam Angular Js
Tiga Komponen Utama Framework Angular.Js
Kelebihan AngularJS
Kekurangan AngularJS
Cara Kerja Angular Js
Saat halaman terbuka di browser, berikut hal-hal yang terjadi։
This tutorial provides some methods that are used for HTML-encoding a string without an XSS vulnerability.
Here is an example which somehow reduces the XSS chance:
Title of the document
let string1 = 'Html & Css & Javascript';
let string2 = "Html & Css & Javascript";
$[document].ready[function[] {
$["#encoded"].text[htmlEncode[string1]];
$["#decoded"].text[htmlDecode[string2]];
}];
function htmlDecode[value] {
return $[""].html[value].text[];
}
function htmlEncode[value] {
return $[''].text[value].html[];
}
On the htmlEncode function the innerText of the element is set, and the encoded innerHTML is retrieved. The innerHTML value of the element is set on the htmlDecode function the innerText is retrieved.
Convert
Encoding in URL:
Encoding in HTML:
function htmlEncode[value] {
//create a div in-memory, set it's inner text. Which jQuery automatically encodes.
//then take the encoded contents back out. The div never exists on the page.
return $[''].text[value].html[].replace[/&/g, '%26'];
}
function htmlDecode[value] {
return $[''].html[value].text[];
}
function convert[] {
let text = document.getElementById['textId'];
let HTMLencoded = [text.value];
document.getElementById['HTML-ENCODE'].value = HTMLencoded;
let urlEncode = htmlEncode[text.value];
$["#URL-ENCODE"].val[urlEncode];
}
This method will work fine in many scenarios, but in some cases, you will end up with a XSS vulnerability.
For the function above, consider the following string:
htmlDecode[" Javascript decoding the HTML function htmlDecode[input] {
let doc = new DOMParser[].parseFromString[input, "text/html"]; return doc.documentElement.textContent; } alert[htmlDecode["<img src='img.jpg'>"]]; // "" alert[htmlDecode[""]]; // ""
The function won’t run any JavaScript code as a side-effect. Any HTML tag will be ignored as the text content only will be returned.
Another useful and fast method exists which also encodes quote marks:
function htmlEscape[str] {
return str
.replace[/&/g, '&']
.replace[/'/g, "'"]
.replace[/"/g, '"']
.replace[/>/g, '>']
.replace[/
Chủ Đề