Remove angular.uppercase/lowercase #15445
Conversation
BREAKING CHANGE: The helper functions `angular.lowercase` `and angular.uppercase` have been removed. These functions have been deprecated since 1.5.0. They are internally used, but should not be exposed as it's possible that they do not work correctly with all locales (e.g. Turkish). It makes more sense that developers use special purpose functions if they need to.
Narretz
force-pushed
the
fix-remove-upper-lower
branch
from
a0a1ac4 to
841bb20
Compare
| @@ -2072,13 +2072,13 @@ function MockXhr() { | |||
| var header = this.$$respHeaders[name]; | |||
| if (header) return header; | |||
|
|
|||
| name = angular.lowercase(name); | |||
| name = angular.$$lowercase(name); | |||
There was a problem hiding this comment.
Why keep the service, even as a private one? String.prototype methods should be enough.
There was a problem hiding this comment.
I just noticed that angular.lowercase / uppercase is overwritten with a manual version that handles Turkish i:
Lines 210 to 232 in 19bc521
So in core, we use a "safe" version. But we don't want anyone else to use it? I guess we don't want anyone to use the special version when usually the prototype functions are enough.
There was a problem hiding this comment.
jQuery doesn't have any logic like that in its lowercasing and we haven't heard any complaints related to Turkish keyboards. Given jQuery's popularity I'd assume this code is no longer needed, especially that ES5 (!) mandates no such differences so I doubt any relatively recent browser would still have whatever issue existed (if it ever has).
I'd remove the "manual" functions as well. This is security-related code, though, so a this requires some consideration, though.
|
LGTM - keeping the private methods for the time being. |
|
K. FWIW, the "problem" still exists in modern browsers: http://plnkr.co/edit/cQHWgcqTLfZZ2LZXQQqG?p=preview |
|
@Narretz I don't see a problem in your fiddle. |
|
Hm. So if we use regular lowercase, then theoretically there could be a case where we lowercase some developer / user provided value, which is then sent to a server and arrives "incorrectly" lower cased when compared to the expected lower case string on the server. I believe we do this to http headers, for example. |
|
The So if there is any browser that violates ES5 and with Turkish locale has |
Closes angular#15445 BREAKING CHANGE: The helper functions `angular.lowercase` `and angular.uppercase` have been removed. These functions have been deprecated since 1.5.0. They are internally used, but should not be exposed as they contain special locale handling (for Turkish) to maintain internal consistency regardless of user-set locale. Developers should generally use the built-ins `toLowerCase` and `toUpperCase` or `toLocaleLowerCase` and `toLocaleUpperCase` for special cases. Further, we generally discourage using the angular.x helpers in application code.
What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)
fix/refactor
What is the current behavior? (You can also link to an open issue here)
we expose lowercase/uppercase on the public angular object
Does this PR introduce a breaking change?
yes
Please check if the PR fulfills these requirements
Other information: