bug: $ionicPopup.prompt() broken if "quotes" used in inputPlaceholder

[gregallensworth]

Type: bug

Platform: all

$ionicPopup.prompt() supports the inputPlaceholder option. This is not escaped, but used as-provided when passed to popup.js showPrompt()

Use of quotes will cause invalid HTML to be generated, causing at minimum the placeholder to be truncated, but potentially other strangeness, e.g. if the input contains a > character as well, it could terminate the tag and cause other misbehavior.

Example:

   $ionicPopup.prompt({
      title: 'Three Words Below?',
      inputPlaceholder: 'your "favorite" ><b>here',
   });

Implement check to escape these properly, since they are being placed inside an attribute.

[gregallensworth]

Confirmed that defaultText option is not affected, since this uses ng-model and is subject to Angular's own escaping. Title updated.

[gregallensworth]

Commit d3fad60 just follows this same pattern that was developing, of using Angular's own templating and binding instead of raw string interpolation. This should make $ionicPopup.prompt() more forgiving of certain types of input errors, and provide a clear copy-paste-easy method for adding new options in the future.