Updated to 1.9.1

rwjblue · rwjblue · commit 2f2fe0ba1d8b · 2014-12-23T13:13:47.000-05:00
diff --git a/index.html b/index.html
@@ -23,7 +23,7 @@ <h2>Welcome to Ember.js</h2>
 
   <script src="js/libs/jquery-1.10.2.js"></script>
   <script src="js/libs/handlebars-v2.0.0.js"></script>
-  <script src="js/libs/ember-1.9.0.js"></script>
+  <script src="js/libs/ember-1.9.1.js"></script>
   <script src="js/app.js"></script>
   <!-- to activate the test runner, add the "?test" query string parameter -->
   <script src="tests/runner.js"></script>
diff --git a/js/libs/ember-1.9.1.js b/js/libs/ember-1.9.1.js
@@ -5,7 +5,7 @@
  *            Portions Copyright 2008-2011 Apple Inc. All rights reserved.
  * @license   Licensed under MIT license
  *            See https://raw.github.com/emberjs/ember.js/master/LICENSE
- * @version   1.9.0
+ * @version   1.9.1
  */
 
 (function() {
@@ -6869,8 +6869,8 @@ enifed("ember-handlebars/ext",
       }
 
       Ember.assert(
-        fmt(path+" must be a subclass of Ember.View, not %@", [viewClass]),
-        View.detect(viewClass)
+        fmt(path+" must be a subclass or an instance of Ember.View, not %@", [viewClass]),
+        View.detect(viewClass) || View.detectInstance(viewClass)
       );
 
       return viewClass;
@@ -7188,8 +7188,8 @@ enifed("ember-handlebars/ext",
     __exports__.handlebarsGet = handlebarsGet;
   });
 enifed("ember-handlebars/helpers/bind_attr",
-  ["ember-metal/core","ember-handlebars-compiler","ember-metal/utils","ember-runtime/system/string","ember-metal/array","ember-views/views/view","ember-metal/keys","exports"],
-  function(__dependency1__, __dependency2__, __dependency3__, __dependency4__, __dependency5__, __dependency6__, __dependency7__, __exports__) {
+  ["ember-metal/core","ember-handlebars-compiler","ember-metal/utils","ember-runtime/system/string","ember-metal/array","ember-views/views/view","ember-metal/keys","ember-views/system/sanitize_attribute_value","exports"],
+  function(__dependency1__, __dependency2__, __dependency3__, __dependency4__, __dependency5__, __dependency6__, __dependency7__, __dependency8__, __exports__) {
     "use strict";
     /**
     @module ember
@@ -7207,6 +7207,8 @@ enifed("ember-handlebars/helpers/bind_attr",
     var View = __dependency6__["default"];
     var keys = __dependency7__["default"];
 
+    var sanitizeAttributeValue = __dependency8__["default"];
+
     var helpers = EmberHandlebars.helpers;
     var SafeString = EmberHandlebars.SafeString;
 
@@ -7372,6 +7374,7 @@ enifed("ember-handlebars/helpers/bind_attr",
 
         var lazyValue = view.getStream(path);
         var value = lazyValue.value();
+        value = sanitizeAttributeValue(null, attr, value);
         var type = typeOf(value);
 
         Ember.assert(fmt("Attributes must be numbers, strings or booleans, not %@", [value]), 
@@ -8960,13 +8963,19 @@ enifed("ember-handlebars/helpers/view",
       helper: function(thisContext, newView, options) {
         var data = options.data;
         var fn   = options.fn;
+        var newViewProto;
 
         makeBindings(options);
 
         var viewOptions = this.propertiesFromHTMLOptions(options, thisContext);
         var currentView = data.view;
         viewOptions.templateData = data;
-        var newViewProto = newView.proto();
+
+        if (View.detectInstance(newView)) {
+          newViewProto = newView;
+        } else {
+          newViewProto = newView.proto();
+        }
 
         if (fn) {
           Ember.assert("You cannot provide a template block if you also specified a templateName",
@@ -13134,7 +13143,7 @@ enifed("ember-metal/core",
 
       @class Ember
       @static
-      @version 1.9.0
+      @version 1.9.1
     */
 
     if ('undefined' === typeof Ember) {
@@ -13161,10 +13170,10 @@ enifed("ember-metal/core",
     /**
       @property VERSION
       @type String
-      @default '1.9.0'
+      @default '1.9.1'
       @static
     */
-    Ember.VERSION = '1.9.0';
+    Ember.VERSION = '1.9.1';
 
     /**
       Standard environmental variables. You can define these in a global `EmberENV`
@@ -38957,7 +38966,8 @@ enifed("ember-views/streams/read",
         viewClass = value;
       }
 
-      Ember.assert(fmt(value+" must be a subclass of Ember.View, not %@", [viewClass]), View.detect(viewClass));
+      Ember.assert(fmt(value+" must be a subclass or an instance of Ember.View, not %@", [viewClass]), View.detect(viewClass) || View.detectInstance(viewClass)
+      );
 
       return viewClass;
     }
@@ -40055,6 +40065,62 @@ enifed("ember-views/system/renderer",
 
     __exports__["default"] = EmberRenderer;
   });
+enifed("ember-views/system/sanitize_attribute_value",
+  ["ember-handlebars-compiler","exports"],
+  function(__dependency1__, __exports__) {
+    "use strict";
+    /* jshint scripturl:true */
+
+    var EmberHandlebars = __dependency1__["default"];
+
+    var parsingNode;
+    var badProtocols = {
+      'javascript:': true,
+      'vbscript:': true
+    };
+
+    var badTags = {
+      'A': true,
+      'BODY': true,
+      'LINK': true,
+      'IMG': true,
+      'IFRAME': true
+    };
+
+    var badAttributes = {
+      'href': true,
+      'src': true,
+      'background': true
+    };
+    __exports__.badAttributes = badAttributes;
+    __exports__["default"] = function sanitizeAttributeValue(element, attribute, value) {
+      var tagName;
+
+      if (!parsingNode) {
+        parsingNode = document.createElement('a');
+      }
+
+      if (!element) {
+        tagName = null;
+      } else {
+        tagName = element.tagName;
+      }
+
+      if (value instanceof EmberHandlebars.SafeString) {
+        return value.toString();
+      }
+
+      if ((tagName === null || badTags[tagName]) && badAttributes[attribute]) {
+        parsingNode.href = value;
+
+        if (badProtocols[parsingNode.protocol] === true) {
+          return 'unsafe:' + value;
+        }
+      }
+
+      return value;
+    }
+  });
 enifed("ember-views/system/utils",
   ["exports"],
   function(__exports__) {
@@ -41756,8 +41822,8 @@ enifed("ember-views/views/states/pre_render",
     __exports__["default"] = preRender;
   });
 enifed("ember-views/views/view",
-  ["ember-metal/core","ember-metal/platform","ember-runtime/mixins/evented","ember-runtime/system/object","ember-metal/error","ember-metal/property_get","ember-metal/property_set","ember-metal/set_properties","ember-metal/run_loop","ember-metal/observer","ember-metal/properties","ember-metal/utils","ember-metal/computed","ember-metal/mixin","ember-metal/streams/simple","ember-views/streams/key_stream","ember-metal/streams/stream_binding","ember-views/streams/context_stream","ember-metal/is_none","ember-metal/deprecate_property","ember-runtime/system/native_array","ember-runtime/system/string","ember-metal/enumerable_utils","ember-metal/property_events","ember-views/system/jquery","ember-views/system/ext","ember-views/views/core_view","exports"],
-  function(__dependency1__, __dependency2__, __dependency3__, __dependency4__, __dependency5__, __dependency6__, __dependency7__, __dependency8__, __dependency9__, __dependency10__, __dependency11__, __dependency12__, __dependency13__, __dependency14__, __dependency15__, __dependency16__, __dependency17__, __dependency18__, __dependency19__, __dependency20__, __dependency21__, __dependency22__, __dependency23__, __dependency24__, __dependency25__, __dependency26__, __dependency27__, __exports__) {
+  ["ember-metal/core","ember-metal/platform","ember-runtime/mixins/evented","ember-runtime/system/object","ember-metal/error","ember-metal/property_get","ember-metal/property_set","ember-metal/set_properties","ember-metal/run_loop","ember-metal/observer","ember-metal/properties","ember-metal/utils","ember-metal/computed","ember-metal/mixin","ember-metal/streams/simple","ember-views/streams/key_stream","ember-metal/streams/stream_binding","ember-views/streams/context_stream","ember-metal/is_none","ember-metal/deprecate_property","ember-runtime/system/native_array","ember-runtime/system/string","ember-metal/enumerable_utils","ember-metal/property_events","ember-views/system/jquery","ember-views/system/ext","ember-views/views/core_view","ember-views/system/sanitize_attribute_value","exports"],
+  function(__dependency1__, __dependency2__, __dependency3__, __dependency4__, __dependency5__, __dependency6__, __dependency7__, __dependency8__, __dependency9__, __dependency10__, __dependency11__, __dependency12__, __dependency13__, __dependency14__, __dependency15__, __dependency16__, __dependency17__, __dependency18__, __dependency19__, __dependency20__, __dependency21__, __dependency22__, __dependency23__, __dependency24__, __dependency25__, __dependency26__, __dependency27__, __dependency28__, __exports__) {
     "use strict";
     // Ember.assert, Ember.deprecate, Ember.warn, Ember.TEMPLATES,
     // Ember.K, jQuery, Ember.lookup,
@@ -41807,6 +41873,7 @@ enifed("ember-views/views/view",
      // for the side effect of extending Ember.run.queues
 
     var CoreView = __dependency27__["default"];
+    var sanitizeAttributeValue = __dependency28__["default"];
 
 
     /**
@@ -43177,6 +43244,22 @@ enifed("ember-views/views/view",
         if (!this.removedFromDOM) { this.destroyElement(); }
       },
 
+      /**
+        The HTML `id` of the view's element in the DOM. You can provide this
+        value yourself but it must be unique (just as in HTML):
+
+        ```handlebars
+          {{my-component elementId="a-really-cool-id"}}
+        ```
+
+        If not manually set a default value will be provided by the framework.
+
+        Once rendered an element's `elementId` is considered immutable and you
+        should never change it.
+
+        @property elementId
+        @type String
+      */
       elementId: null,
 
       /**
@@ -43980,7 +44063,8 @@ enifed("ember-views/views/view",
     // method.
     View.childViewsProperty = childViewsProperty;
 
-    View.applyAttributeBindings = function(elem, name, value) {
+    View.applyAttributeBindings = function(elem, name, initialValue) {
+      var value = sanitizeAttributeValue(elem[0], name, initialValue);
       var type = typeOf(value);
 
       // if this changes, also change the logic in ember-handlebars/lib/helpers/binding.js
