AngularJS 1.6.6 no eval / strings XSS

I’m testing web-app where i can not use strings or eval word(blocked by waf), they are running on AngularJS 1.6.6

I have seen this payload which fits my needs for version 1.4.0 but not does not work for 1.6.6

{{toString().constructor.prototype.charAt=[].join; [1,2]|orderBy:toString().constructor.fromCharCode(120,61,97,108,101,114,116,40,49,41)}}

I have very little experience with AngularJS, so my question is if similar payload is possible to construct for version 1.6.6 and if anyone is kind enough to guide me how to construct one.

Using Spring and AngularJS in combination

Hello Software Engineering,

I want to make an sever administration tool. I started doing it with Spring and AngularJS. But the more code I put in this “little” side-project, the more I am starting asking myself if this combination is as good as I thought it is.

I am currently making an apprenticeship as a software developer so I am not that experienced in engineering an application.

Does anyone have some suggestions about what frameworks to use for something like that? Every answer would be helpful. I’ve read a lot of blog posts about JSP for example and now I am asking myself if this would be better than AngularJS.

Any suggestions? Thank you in advance!

Como fazer o download de uma imagem pelo AngularJS

Estou criando uma funcionalidade parecida com o anexo do email, em que anexamos arquivos mas se quisermos visualizá-lo para confirmar os arquivos a serem enviados realizamos o download.

É nessa parte que estou tendo o problema

function abrirArquivo() {  var decoded = $  base64.decode(base64);  var url = window.URL.createObjectURL(new Blob([decoded], {type:"image/png"}));  var link = document.createElement('a');  link.href = url;  link.setAttribute('download', "teste");  document.body.appendChild(link);  link.click();  } 

Eu uso a função acima que pega o base64 da imagem que eu quero baixar, converte para binário e passa para o construtor do Blob, mas quando o download termina a imagem abre com erro:

inserir a descrição da imagem aqui

Sidebar AngularJS

eu tenho um controller SideBar que gerencia as páginas do meu site e ao clicar em um link vamos para a página.inserir a descrição da imagem aqui

Segue o código que define o controller:

(function () { 'use strict'; angular.module('centric').controller('SidebarCtrl', ['$  scope', '$  uibModal', 'AuthFactory', 'RequestFactory', function ($  scope, $  uibModal, AuthFactory, RequestFactory) {      $  scope.options = [         {             name: 'Dashboard',             href: '#/app/dashboard'         },{             name: 'Clientes',             href: '#/app/clients'         },         {             name: 'Compras',             href: '#/app/compras'         }     ];  }]); })(); 

Então, o terceiro botão da sidebar, Compras, não consegue me redirecionar para a página compras.html, apenas me redireciona para Dashboard de novo.

Compras.html tem a mesma estrutura que clientes.html, pois irei usar de base e fazer as alterações necessárias. Daí criei um compras.html na pasta app/view e colei o conteúdo de clientes.html… o que estou fazendo de errado?

Visualizar uma foto usando o html no Angularjs [pendente]

Bom dia! Tenho pouca experiência no Angular e preciso da ajuda dos senhores.

Tenho uma tela de Registro de funcionário e preciso apresentar a foto do funcionário na tela.

Já gravei a foto no banco Mysql no formato “MEDIUMBLOB”.

Implementei a rotina abaixo mas não consigo visualizar a imagem na tela. Algém poderia me ajudar?

No backend: Campo: CONTEUDO – tipo: MEDIUMBLOB L.CONTEUDO AS ‘FOTOS.CONTEUDO’

No Frontend

Foto

Resultado na tela: [object Object]

What is an easy way to format datetime in angularjs?

I’ve been around for hours to find out how to format datetime in angularjs, but there’s no easy way, too complicated. I wonder if there is.

So, I have a datetime string like 2019-06-14 12:15:00. I want to format it to 14 Jun 2019 12:15:00. I tried this in the view:

{{ 2019-06-14 12:15:00 | date : 'dd MMM yyyy hh:mm:ss' }} 

No, it’s not working. I wonder if there’s a simple way to do it. May be there’s a built-in function in angular or javascript?

AngularJS 1.8 – templateUrl displays url in view instead of the template


Summary

I’m trying to convert my angularjs components/directives over to TypeScript. Unfortunately, the templateUrl property doesn’t display the template that’s passed to it. Instead, it literally displays a partial path the template.

Code

class JumpPagerController { ...     } }  JumpPagerController.$  inject = ['$  timeout']; export const jumpPagerComponent = {     templateUrl: './jump-pager.component.html',     controller: JumpPagerController,     bindings: {         pagerPlaceholder: '@?',         pagerCurrentPage: '=',         pagerItemsPerPage: '=',         pagerTotalItems: '=',         pagerChange: '&'     } }; 

Expected

enter image description here

Actual

enter image description here

What I’ve Tried

  • Passing in the baseUrl (didn’t have high hopes here:
    • templateUrl: `$ {baseUrl}/jump-pager.component.html`
    • templateUrl: localhost:8080/jump-pager.component.html
  • template: require('...') works, but would require me to reconfigure webpack and then modify all other cases of templateUrl in .js files. This isn’t an option
  • I’ve reviewed similar questions but no one else seems to be having quite the same issue. They’re all either using JavaScript instead of TypeScript, or they’re only having an issue with the template not rendering and don’t seem to be getting the weird problem with the template path being displayed.

Recap

So you can see that I’m at a loss. What is the correct way to use templateUrl on an angularjs component using typescript and webpack?

How to let VSCode snippets suggest angularjs directives only as atributes?

My snippets are suggesting angularjs directives everywhere, not only in html tags as attributes.

I have this snippet now.

{     "ng-app": {         "prefix": "data-ng-app",         "body": "data-ng-app=\"app\"$  0"     },     "ng-bind": {         "prefix": "data-ng-bind",         "body": "data-ng-bind=\"$  1\"$  0"     },     "ng-bind-html": {         "prefix": "data-ng-bind-html",         "body": "data-ng-bind-html=\"$  1\"$  0"     },     "ng-bind-template": {         "prefix": "data-ng-bind-template",         "body": "data-ng-bind-template=\"$  1\"$  0"     },     "ng-controller": {         "prefix": "data-ng-controller",         "body": "data-ng-controller=\"$  1\"$  0"     },     "ng-model": {         "prefix": "data-ng-model",         "body": "data-ng-model=\"$  1\"$  0"     },     "ng-view": {         "prefix": "data-ng-view",         "body": "data-ng-view=\"\"$  0"     } } 

Expected: suggest only if cursor is at this position

“|” = cursor

Current: Suggest everywhere

angularJS failed redirect

I have created a login page. After login validation, i want it to redirect to a path defined in the controller. '/home'

It redirects to http://localhost:8082/#/home

But I want it be redirected to

http://localhost:8082/home

@Controller public class HomeController {     @RequestMapping("/home")     public String home() {       return "index";     } }  angular.module('myApp', []).controller('myController',     [ '$  scope', '$  http', '$  location', function($  scope, $  http, $  location) {         var username = "";         var password = "";         $  scope.add = function() {             username = $  scope.valuea;             password = $  scope.valueb;              username = 'eve.holt@reqres.in';             password = 'cityslicka';             $  http.post('https://reqres.in/api/login', {                 email : username,                 password : password             }).success(function(response) {                 console.log('response:', response);                 // $  window.location.href = '/index.html';                 //$  location.path('/home');                 console.log('login in successful. Redirect to path /home');                 $  scope.redirectToDraftPage = function() {                     console.log('redirecting to /home');                     $  location.path('/home');                  };              });          }     } ]);