[Backport 21.2.X] fix(core): avoid caching missing locale data by SkyZeroZx · Pull Request #69352 · angular/angular
Only cache locale data loaded from the global locale registry when an actual locale entry is found. This prevents attacker-controlled missing locale identifiers from being retained indefinitely in SSR when locale lookup falls back to a parent locale or the built-in English locale, avoiding unbounded process memory growth in locale-aware pipes and formatters. (cherry picked from commit ea8277a)
fix(core): avoid caching missing locale data
[Backport 21.2.X] fix(core): avoid caching missing locale data
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters