upgrade to AngularJS 1.0.0rc7 rc-generation

app/lib/angular/angular-cookies.js

@@ -1,5 +1,5 @@
 /**
- * @license AngularJS v1.0.0rc6
+ * @license AngularJS v1.0.0rc7
  * (c) 2010-2012 Google, Inc. http://angularjs.org
  * License: MIT
  */

app/lib/angular/angular-cookies.min.js

@@ -1,5 +1,5 @@
 /*
- AngularJS v1.0.0rc6
+ AngularJS v1.0.0rc7
  (c) 2010-2012 Google, Inc. http://angularjs.org
  License: MIT
 */

app/lib/angular/angular-loader.js

@@ -1,5 +1,5 @@
 /**
- * @license AngularJS v1.0.0rc6
+ * @license AngularJS v1.0.0rc7
  * (c) 2010-2012 Google, Inc. http://angularjs.org
  * License: MIT
  */

app/lib/angular/angular-loader.min.js

@@ -1,5 +1,5 @@
 /*
- AngularJS v1.0.0rc6
+ AngularJS v1.0.0rc7
  (c) 2010-2012 Google, Inc. http://angularjs.org
  License: MIT
 */

app/lib/angular/angular-resource.js

@@ -1,5 +1,5 @@
 /**
- * @license AngularJS v1.0.0rc6
+ * @license AngularJS v1.0.0rc7
  * (c) 2010-2012 Google, Inc. http://angularjs.org
  * License: MIT
  */

app/lib/angular/angular-sanitize.js

@@ -1,5 +1,5 @@
 /**
- * @license AngularJS v1.0.0rc6
+ * @license AngularJS v1.0.0rc7
  * (c) 2010-2012 Google, Inc. http://angularjs.org
  * License: MIT
  */
@@ -400,18 +400,16 @@ function htmlSanitizeWriter(buf){
 // define ngSanitize module and register $sanitize service
 angular.module('ngSanitize', []).value('$sanitize', $sanitize);
 
-
-
 /**
  * @ngdoc directive
  * @name angular.module.ngSanitize.directive.ngBindHtml
  *
  * @description
  * Creates a binding that will sanitize the result of evaluating the `expression` with the
- * {@link angular.module.ng.$sanitize $sanitize} service and innerHTML the result into the current
- * element.
+ * {@link angular.module.ngSanitize.$sanitize $sanitize} service and innerHTML the result into the
+ * current element.
  *
- * See {@link angular.module.ng.$sanitize $sanitize} docs for examples.
+ * See {@link angular.module.ngSanitize.$sanitize $sanitize} docs for examples.
  *
  * @element ANY
  * @param {expression} ngBindHtml {@link guide/dev_guide.expressions Expression} to evaluate.

app/lib/angular/angular.js

@@ -1,5 +1,5 @@
 /**
- * @license AngularJS v1.0.0rc6
+ * @license AngularJS v1.0.0rc7
  * (c) 2010-2012 Google, Inc. http://angularjs.org
  * License: MIT
  */
@@ -1243,11 +1243,11 @@ function setupModuleLoader(window) {
  * - `codeName` – `{string}` – Code name of the release, such as "jiggling-armfat".
  */
 var version = {
-  full: '1.0.0rc6',    // all of these placeholder strings will be replaced by rake's
+  full: '1.0.0rc7',    // all of these placeholder strings will be replaced by rake's
   major: 1,    // compile task
   minor: 0,
   dot: 0,
-  codeName: 'runny-nose'
+  codeName: 'rc-generation'
 };
 
 
@@ -1305,6 +1305,7 @@ function publishExternalAPI(angular){
             ngClass: ngClassDirective,
             ngClassEven: ngClassEvenDirective,
             ngClassOdd: ngClassOddDirective,
+            ngCsp: ngCspDirective,
             ngCloak: ngCloakDirective,
             ngController: ngControllerDirective,
             ngForm: ngFormDirective,
@@ -1873,8 +1874,8 @@ function createEventHandler(element) {
 
     // Remove monkey-patched methods (IE),
     // as they would cause memory leaks in IE8.
-    if (msie < 8) {
-      // IE7 does not allow to delete property on native object
+    if (msie <= 8) {
+      // IE7/8 does not allow to delete property on native object
       event.preventDefault = null;
       event.stopPropagation = null;
       event.isDefaultPrevented = null;
@@ -1918,14 +1919,12 @@ forEach({
           bindFn(element, 'mouseover', function(event) {
             counter++;
             if (counter == 1) {
-              event.type = 'mouseenter';
               mouseenter(event);
             }
           });
           bindFn(element, 'mouseout', function(event) {
             counter --;
             if (counter == 0) {
-              event.type = 'mouseleave';
               mouseleave(event);
             }
           });
@@ -5277,7 +5276,7 @@ var OPERATORS = {
 };
 var ESCAPE = {"n":"\n", "f":"\f", "r":"\r", "t":"\t", "v":"\v", "'":"'", '"':'"'};
 
-function lex(text){
+function lex(text, csp){
   var tokens = [],
       token,
       index = 0,
@@ -5437,7 +5436,7 @@ function lex(text){
     if (OPERATORS.hasOwnProperty(ident)) {
       token.fn = token.json = OPERATORS[ident];
     } else {
-      var getter = getterFn(ident);
+      var getter = getterFn(ident, csp);
       token.fn = extend(function(self, locals) {
         return (getter(self, locals));
       }, {
@@ -5511,10 +5510,10 @@ function lex(text){
 
 /////////////////////////////////////////
 
-function parser(text, json, $filter){
+function parser(text, json, $filter, csp){
   var ZERO = valueFn(0),
       value,
-      tokens = lex(text),
+      tokens = lex(text, csp),
       assignment = _assignment,
       functionCall = _functionCall,
       fieldAccess = _fieldAccess,
@@ -5782,7 +5781,7 @@ function parser(text, json, $filter){
 
   function _fieldAccess(object) {
     var field = expect().text;
-    var getter = getterFn(field);
+    var getter = getterFn(field, csp);
     return extend(
         function(self, locals) {
           return getter(object(self, locals), locals);
@@ -5935,32 +5934,119 @@ function getter(obj, path, bindFnToScope) {
 
 var getterFnCache = {};
 
-function getterFn(path) {
+/**
+ * Implementation of the "Black Hole" variant from:
+ * - http://jsperf.com/angularjs-parse-getter/4
+ * - http://jsperf.com/path-evaluation-simplified/7
+ */
+function cspSafeGetterFn(key0, key1, key2, key3, key4) {
+  return function(scope, locals) {
+    var pathVal = (locals && locals.hasOwnProperty(key0)) ? locals : scope,
+        promise;
+
+    if (!pathVal) return pathVal;
+
+    pathVal = pathVal[key0];
+    if (pathVal && pathVal.then) {
+      if (!("$$v" in pathVal)) {
+        promise = pathVal;
+        promise.$$v = undefined;
+        promise.then(function(val) { promise.$$v = val; });
+      }
+      pathVal = pathVal.$$v;
+    }
+    if (!key1 || !pathVal) return pathVal;
+
+    pathVal = pathVal[key1];
+    if (pathVal && pathVal.then) {
+      if (!("$$v" in pathVal)) {
+        promise = pathVal;
+        promise.$$v = undefined;
+        promise.then(function(val) { promise.$$v = val; });
+      }
+      pathVal = pathVal.$$v;
+    }
+    if (!key2 || !pathVal) return pathVal;
+
+    pathVal = pathVal[key2];
+    if (pathVal && pathVal.then) {
+      if (!("$$v" in pathVal)) {
+        promise = pathVal;
+        promise.$$v = undefined;
+        promise.then(function(val) { promise.$$v = val; });
+      }
+      pathVal = pathVal.$$v;
+    }
+    if (!key3 || !pathVal) return pathVal;
+
+    pathVal = pathVal[key3];
+    if (pathVal && pathVal.then) {
+      if (!("$$v" in pathVal)) {
+        promise = pathVal;
+        promise.$$v = undefined;
+        promise.then(function(val) { promise.$$v = val; });
+      }
+      pathVal = pathVal.$$v;
+    }
+    if (!key4 || !pathVal) return pathVal;
+
+    pathVal = pathVal[key4];
+    if (pathVal && pathVal.then) {
+      if (!("$$v" in pathVal)) {
+        promise = pathVal;
+        promise.$$v = undefined;
+        promise.then(function(val) { promise.$$v = val; });
+      }
+      pathVal = pathVal.$$v;
+    }
+    return pathVal;
+  };
+};
+
+function getterFn(path, csp) {
   if (getterFnCache.hasOwnProperty(path)) {
     return getterFnCache[path];
   }
 
-  var fn, code = 'var l, fn, p;\n';
-  forEach(path.split('.'), function(key, index) {
-    code += 'if(!s) return s;\n' +
-            'l=s;\n' +
-            's='+ (index
-                    // we simply direference 's' on any .dot notation
-                    ? 's'
-                    // but if we are first then we check locals firs, and if so read it first
-                    : '((k&&k.hasOwnProperty("' + key + '"))?k:s)') + '["' + key + '"]' + ';\n' +
-            'if (s && s.then) {\n' +
-              ' if (!("$$v" in s)) {\n' +
-                ' p=s;\n' +
-                ' p.$$v = undefined;\n' +
-                ' p.then(function(v) {p.$$v=v;});\n' +
-                '}\n' +
-              ' s=s.$$v\n' +
-            '}\n';
-  });
-  code += 'return s;';
-  fn = Function('s', 'k', code);
-  fn.toString = function() { return code; };
+  var pathKeys = path.split('.'),
+      pathKeysLength = pathKeys.length,
+      fn;
+
+  if (csp) {
+    fn = (pathKeysLength < 6)
+        ? cspSafeGetterFn(pathKeys[0], pathKeys[1], pathKeys[2], pathKeys[3], pathKeys[4])
+        : function(scope, locals) {
+          var i = 0, val;
+          do {
+            val = cspSafeGetterFn(
+                    pathKeys[i++], pathKeys[i++], pathKeys[i++], pathKeys[i++], pathKeys[i++]
+                  )(scope, locals);
+            locals = undefined; // clear after first iteration
+          } while (i < pathKeysLength);
+        };
+  } else {
+    var code = 'var l, fn, p;\n';
+    forEach(pathKeys, function(key, index) {
+      code += 'if(!s) return s;\n' +
+              'l=s;\n' +
+              's='+ (index
+                      // we simply dereference 's' on any .dot notation
+                      ? 's'
+                      // but if we are first then we check locals first, and if so read it first
+                      : '((k&&k.hasOwnProperty("' + key + '"))?k:s)') + '["' + key + '"]' + ';\n' +
+              'if (s && s.then) {\n' +
+                ' if (!("$$v" in s)) {\n' +
+                  ' p=s;\n' +
+                  ' p.$$v = undefined;\n' +
+                  ' p.then(function(v) {p.$$v=v;});\n' +
+                  '}\n' +
+                ' s=s.$$v\n' +
+              '}\n';
+    });
+    code += 'return s;';
+    fn = Function('s', 'k', code); // s=scope, k=locals
+    fn.toString = function() { return code; };
+  }
 
   return getterFnCache[path] = fn;
 }
@@ -5969,13 +6055,13 @@ function getterFn(path) {
 
 function $ParseProvider() {
   var cache = {};
-  this.$get = ['$filter', function($filter) {
+  this.$get = ['$filter', '$sniffer', function($filter, $sniffer) {
     return function(exp) {
       switch(typeof exp) {
         case 'string':
           return cache.hasOwnProperty(exp)
             ? cache[exp]
-            : cache[exp] =  parser(exp, false, $filter);
+            : cache[exp] =  parser(exp, false, $filter, $sniffer.csp);
         case 'function':
           return exp;
         default:
@@ -7551,7 +7637,9 @@ function $SnifferProvider() {
         }
 
         return eventSupport[event];
-      }
+      },
+      // TODO(i): currently there is no way to feature detect CSP without triggering alerts
+      csp: false
     };
   }];
 }
@@ -11373,7 +11461,7 @@ var ngBindTemplateDirective = ['$interpolate', function($interpolate) {
  * @description
  * Creates a binding that will innerHTML the result of evaluating the `expression` into the current
  * element. *The innerHTML-ed content will not be sanitized!* You should use this directive only if
- * {@link angular.module.ng.$compileProvider.directive.ngBindHtml ngBindHtml} directive is too
+ * {@link angular.module.ngSanitize.directive.ngBindHtml ngBindHtml} directive is too
  * restrictive and when you absolutely trust the source of the content you are binding to.
  *
  * See {@link angular.module.ngSanitize.$sanitize $sanitize} docs for examples.
@@ -11694,6 +11782,32 @@ var ngControllerDirective = [function() {
   };
 }];
 
+/**
+ * @ngdoc directive
+ * @name angular.module.ng.$compileProvider.directive.ngCsp
+ * @priority 1000
+ *
+ * @description
+ * Enables [CSP (Content Security Policy)](https://developer.mozilla.org/en/Security/CSP) support.
+ * This directive should be used on the root element of the application (typically the `<html>`
+ * element or other element with the {@link angular.module.ng.$compileProvider.directive.ngApp ngApp}
+ * directive).
+ *
+ * If enabled the performance of template expression evaluator will suffer slightly, so don't enable
+ * this mode unless you need it.
+ *
+ * @element html
+ */
+
+var ngCspDirective = ['$sniffer', function($sniffer) {
+  return {
+    priority: 1000,
+    compile: function() {
+      $sniffer.csp = true;
+    }
+  };
+}];
+
 /**
  * @ngdoc directive
  * @name angular.module.ng.$compileProvider.directive.ngClick