Tom*_*Tom 25 angular angular-dom-sanitizer
我一直在使用带有SVG的DomSanitizer的html字符串.
在当前版本的Angular之前,这个工作得很好:
this.domSanitizer.bypassSecurityTrustHtml(content);
现在我得到一个叫做的对象
SafeHtmlImpl {changingThisBreaksApplicationSecurity: "<svg> blah </svg>"}
changingThisBreaksApplicationSecurity
现在是否有新的方法来访问DomSanitizer的输出?我应该以SafeHTML类型或其他方式接收它吗?如果它仍然过滤html,那么拥有bypassSecurityTrustHtml有什么意义呢?
明信片上的任何答案?请...
mic*_*yks 38
演示:https://plnkr.co/edit/Qke2jktna55h40ubUl8o? p = preview
import { DomSanitizer } from '@angular/platform-browser'
@Pipe({ name: 'safeHtml'})
export class SafeHtmlPipe implements PipeTransform {
constructor(private sanitized: DomSanitizer) {}
transform(value) {
console.log(this.sanitized.bypassSecurityTrustHtml(value))
return this.sanitized.bypassSecurityTrustHtml(value);
}
}
@Component({
selector: 'my-app',
template: `
<div [innerHtml]="html | safeHtml">
</div>
`,
})
export class App {
name:string;
html: safeHtml;
constructor() {
this.name = 'Angular2'
this.html = "<svg> blah </svg>";
}
}
| 归档时间: |
|
| 查看次数: |
33167 次 |
| 最近记录: |