21.1.0-next.1
📦 angularView on GitHub →
✨ 1 features🐛 8 fixes🔧 5 symbols
Summary
This release focuses on security hardening for XSS and XSRF, performance optimizations for signals and tree shaking, and bug fixes across core, forms, and the router.
✨ New Features
- Allows transforms on FormUiControl signals
🐛 Bug Fixes
- Prevent XSS via SVG animation attributeName and MathML/SVG URLs
- Avoid allocating an object for signals in production mode in compiler-cli
- Check that field radio button values are strings
- Run animation queue in environment injector context
- Fix inability to inject viewProviders when host directive with providers is present
- Support dynamic [field] bindings in forms
- Enable XSRF protection for same-origin absolute URLs
- Handle errors from view transition finished promise in router
🔧 Affected Symbols
FormUiControlviewProviders[field]XSRFenvironment injector