Monday, May 20, 2024
Homepage · html
 Popular · Latest · Hot · Upcoming
29
rated 0 times [  36] [ 7]  / answers: 1 / hits: 15308  / 7 Years ago, wed, december 6, 2017, 12:00:00

I am using a wysiwyg editor in my Angular component, when i try to preview the content of the editor, (after i apply center to the text),
i get this warning:



WARNING: sanitizing HTML stripped some content (see http://g.co/ng/security#xss).

platform-browser.es5.js:1015



when i inspect the html:


<p>Text Here...</p>

but when i try to use console.log() to preview the content of the editor i get:


<p style="text-align: center;">Text Here...</p>

More From » html
 Answers
173

This is by design in Angular 2+ for security reasons. You can workaround it by using the DomSanitizer class.



For example you can make a pipe that prevents sanitization of the value:



import { Pipe, PipeTransform } from '@angular/core';

import { DomSanitizer, SafeHtml } from '@angular/platform-browser';



@Pipe({ name: 'noSanitize' })

export class NoSanitizePipe implements PipeTransform {

   constructor(private domSanitizer: DomSanitizer) {



   }

   transform(html: string): SafeHtml {

      return this.domSanitizer.bypassSecurityTrustHtml(html);

   }

}


Then you can use it in binding for example like this:



<div [innerHTML]=htmlText | noSanitize>

</div>

[#55738] Monday, December 4, 2017, 7 Years  [reply] [flag answer]
Only authorized users can answer the question. Please sign in first, or register a free account.
ryderalfonsos
Add To Favorites
Follow
Total Points: 655
Total Questions: 88
Total Answers: 91
Location: Nauru
Member since Thu, Feb 2, 2023
1 Year ago
ryderalfonsos questions
Tue, Dec 1, 20, 00:00, 4 Years ago
Mon, Sep 9, 19, 00:00, 5 Years ago
Wed, Feb 13, 19, 00:00, 5 Years ago
Tue, Feb 12, 19, 00:00, 5 Years ago
Fri, Dec 28, 18, 00:00, 6 Years ago
View All
;