javascript - Angularjs ng-bind-html-unsafe replacement

Question

Ask a Question

Welcome To Ask or Share your Answers For Others

javascript - Angularjs ng-bind-html-unsafe replacement

asked Oct 24, 2021 in Technique[技术] by 深蓝 (71.8m points)

I used to be able to use ng-bind-html-unsafe to output unsanitized code (because sanitization happens serverside).

But now that option is gone? I know I can use $sce.trustAsHtml but adding that to the JavaScript all over the place is a huge pain when unsafe was so easy to use.

How do I get unsafe back?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

315 views

1 Answer

深蓝 · Answer 1 · 2021-10-23T17:51:23+0000

Simpler again.

App.filter('unsafe', ['$sce', function ($sce) {
    return function (val) {
        return $sce.trustAsHtml(val);
    };
}]);

Usage:

<any ng-bind-html="content | unsafe"></any>

For more on html binding check the docs here.

Just a warning: make sure you actually trust the html, or you could be opening a hole in your sites security.

Categories

javascript - Angularjs ng-bind-html-unsafe replacement

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags