display "<" as < in html by removing double quotes

Question

I have some json array with data, one of the keys has the following format

x = "&lt;sometext&gt;"

I want to display it as "<sometext>"

Right now it gets displayed as <sometext>

I have in html

<tr data-ng-repeat ="d in data">
    <td>{{d.x}}</td>
</tr>

I saw in another thread that you remove the quotations by doing the following

var someStr = 'He said "Hello, my name is Foo"';
console.log(someStr.replace(/['"]+/g, ''));

I tried doing

{{d.x.replace(/&lt;/, '<').replace(/&gt;/, '>')}}

but it all it does is display on html, the following

{{d.x.replace(/</, '<').replace(/>/, '>')}}

If you want it to display as `""` then you need to add double quotes, not remove them. — Boann, Dec 12 '14 at 21:35
@nevermind Just replace < and > with < and > similary just quote them around. — PSL, Dec 12 '14 at 21:43

score 1 · Answer 1 · answered Dec 12 '14 at 21:42

1

You need to wrap the string in another set of double-quotes, and unescape the brackets. Angular will take care of displaying it as text instead of html:

"{{d.x.replace(/&lt;/, '<').replace(/&gt;/, '>')}}"

answered Dec 12 '14 at 21:42

ampersandre

3,156
3
29
37

Daniel · Answer 2 · 2014-12-12T21:50:58.323

0

By default, AngularJS template expressions do not evaluate HTML. This happens for safety reasons, so you should think about related security issues (can the user manipulate this variable?)

If you decide to evaluate HTML contents nonetheless you might use ngBindHtml.

<tr data-ng-repeat ="d in data">
    <td ng-bind-html="d.x"></td>
</tr>

For safety reasons you need to include ngSanitize in addition to stanard AngularJS. See this fiddle as example.

edited Dec 12 '14 at 21:50

answered Dec 12 '14 at 21:44

Daniel

3,541
3
33
46

how to override "Error: [$sce:unsafe] Attempting to use an unsafe value in a safe context." – Dec 12 '14 at 21:46
You might need to include ngSanitize to make this work. – Daniel Dec 12 '14 at 21:48
@nevermind I updated my answer to help solving this problem and added a fiddle showing a working solution. – Daniel Dec 12 '14 at 21:52
I wonder: is there any option to allow HTML entities, but not HTML tags to be parsed? – Niet the Dark Absol Dec 12 '14 at 21:52
@NiettheDarkAbsol A fast way would be to simply transform tags to entities, like discussed in this question http://stackoverflow.com/q/5499078/3346612 – Daniel Dec 12 '14 at 21:57
actually when I apply it to all string in the page although it works, my console is full of $sanitize:badparse Parsing .... – Dec 12 '14 at 22:03
@nevermind can you give us an example which fires this warning? Maybe that could help solving your problem. – Daniel Dec 14 '14 at 00:52

display "<" as < in html by removing double quotes

2 Answers2