That's a nice exploit. It's worth noting that this is only breaching Angular's defense in depth though: input values should never make it to things evaluated against $scope; that's roughly equivalent of calling eval() on user input.<p>AngularJS tries to protect developers against the worst, but it's the second layer of a defense in depth - this should never happen in the first place in a well written app.