re-add link context, add tests for audio and source

Author: Narretz

src/ng/compile.js

@@ -3160,7 +3160,9 @@ function $CompileProvider($provide, $$sanitizeUriProvider) {
         }
       // maction[xlink:href] can source SVG.  It's not limited to <maction>.
       } else if (attrNormalizedName === 'xlinkHref' ||
-          (tag === 'form' && attrNormalizedName === 'action')
+          (tag === 'form' && attrNormalizedName === 'action') ||
+          // links can be stylesheets or imports, which can run script in the current origin
+          (tag === 'link' && attrNormalizedName === 'href')
       ) {
         return $sce.RESOURCE_URL;
       }

test/ng/compileSpec.js

@@ -10151,25 +10151,28 @@ describe('$compile', function() {
       expect(element.attr('src')).toEqual('http://example.com/image2.png');
     }));
 
-    // Older IEs seem to reject the video tag with "Error: Not implemented"
+    // IE9 rejects the video / audio tag with "Error: Not implemented" and the source tag with
+    // "Unable to get value of the property 'childNodes': object is null or undefined"
     if (!msie || msie > 9) {
-      it('should NOT require trusted values for video src',
-          inject(function($rootScope, $compile, $sce) {
-        element = $compile('<video src="{{testUrl}}"></video>')($rootScope);
-        $rootScope.testUrl = 'http://example.com/image.mp4';
-        $rootScope.$digest();
-        expect(element.attr('src')).toEqual('http://example.com/image.mp4');
+      they('should NOT require trusted values for $prop src', ['video', 'audio', 'source'],
+      function(tag) {
+        inject(function($rootScope, $compile, $sce) {
+          element = $compile('<' + tag + ' src="{{testUrl}}"></' + tag + '>')($rootScope);
+          $rootScope.testUrl = 'http://example.com/image.mp4';
+          $rootScope.$digest();
+          expect(element.attr('src')).toEqual('http://example.com/image.mp4');
 
-        // But it should accept trusted values anyway.
-        $rootScope.testUrl = $sce.trustAsUrl('http://example.com/image2.mp4');
-        $rootScope.$digest();
-        expect(element.attr('src')).toEqual('http://example.com/image2.mp4');
+          // But it should accept trusted values anyway.
+          $rootScope.testUrl = $sce.trustAsUrl('http://example.com/image2.mp4');
+          $rootScope.$digest();
+          expect(element.attr('src')).toEqual('http://example.com/image2.mp4');
 
-        // and trustedResourceUrls for retrocompatibility
-        $rootScope.testUrl = $sce.trustAsResourceUrl('http://example.com/image3.mp4');
-        $rootScope.$digest();
-        expect(element.attr('src')).toEqual('http://example.com/image3.mp4');
-      }));
+          // and trustedResourceUrls for retrocompatibility
+          $rootScope.testUrl = $sce.trustAsResourceUrl('http://example.com/image3.mp4');
+          $rootScope.$digest();
+          expect(element.attr('src')).toEqual('http://example.com/image3.mp4');
+        });
+      });
     }
   });