DomSanitizer helps preventing Cross Site Scripting Security bugs (XSS) by sanitizing values to be safe to use in the different DOM contexts. Any questions concerning DomSanitizer package
Questions tagged [angular-dom-sanitizer]
120 questions
47
votes
5 answers
Correct way Provide DomSanitizer to Component with Angular 2 RC6
I'm attempting to use DomSanitizer to sanitize a dynamic URL within a Component using I can't seem to figure out what the correct way to specify a Provider for this service is.
I'm using Angular 2.0.0-rc.6
Here's my current component:
@Component({
…
kalmas
- 831
- 1
- 8
- 12
37
votes
4 answers
Angular 2, DomSanitizer, bypassSecurityTrustHtml, SVG
I've been using DomSanitizer with an SVG in an html string.
Previous to the current version of Angular, this worked just fine:
this.domSanitizer.bypassSecurityTrustHtml(content);
Now I am getting an object back called
SafeHtmlImpl…
Tom
- 1,447
- 1
- 12
- 26
9
votes
1 answer
Angular DomSanitizer - SecurityContext.NONE
Official Angular Security Guide speaks about 4 security contexts: HTML, Url, Style and Resource Url.
Each one is responsible for sanitizing corresponding type of resource.
In addition, there are 5 methods (per resource type) in DomSanitizer service
…
JeB
- 11,653
- 10
- 58
- 87
9
votes
1 answer
angular 2 missing domsanitizer when try to start
im running angular2 rc 5 all doing fine until im restart my pc and doing npm start again, before restart pc everything working fine
when im try to start my project again
there is an error saying that ,
node_modules/@angular/platform-browser/index…
Rommy
- 447
- 3
- 10
- 23
6
votes
2 answers
How do I go about testing a Pipe which depends on DomSanitizer?
Angular version: 8.1.2
Testing tools: Karma and Jasmine, as pre-installed by ng new
I am currently working on my first ever Angular project. As a part of this, I have created a pipe which calls DomSanitizer.bypassSecurityTrustResourceUrl. I do this…
Rummskartoffel
- 63
- 1
- 4
5
votes
2 answers
Angular Dom Sanitizer HTML cannot copy text
I used DomSanitizer to sanitize my HTML content from database to be displayed on page.
Where safeHtml is:
safeHtml(html){
return this.sanitize.bypassSecurityTrustHtml(html);
}
It works perfect.…
Vlada Veljkovic
- 141
- 1
- 6
5
votes
2 answers
Sanitize Blob Url in Angular 4 by DomSanitizer
The idea is to embed a pdf file on angular side that is being returned by node express server in blob form.
After then i get the image and created a URL
const file = new Blob([this.data], { type: 'application/pdf' });
this.fileUrl =…
Puneet Sharma
- 246
- 3
- 14
5
votes
2 answers
Angular bypassSecurityTrustResourceUrl saying any argument is undefined
I'm trying to sanitize a URL using bypassSecurityTrustResourceUrl. However, regardless of what value I put in the argument I always get
Cannot read property bypassSecurityTrustResourceUrl of undefined
return…
Eric Petrine
- 53
- 1
- 4
5
votes
2 answers
Angular 6 sanitize local drive url
I have tried using DomSanitizer methods to sanitize the following type of url with no success
C:\path\to\executable
Is there any way to sanitize this url to be used as href value?
Also I am binding the value with [] notation so I am sure it is not…
Yakup Türkan
- 576
- 2
- 6
- 21
5
votes
2 answers
Angular 2: How can I apply directives to sanitized html/innerhtml
I am working on an application where i am getting responses in html format from a server.
I am using the DomSanitizer's bypassSecurityTrustHtml and adding the sanitized html to my component ().
My problem is that a few of the elements in the…
clearfix
- 467
- 1
- 5
- 10
4
votes
1 answer
bypassSecurityTrustHtml disables anchor tag while displaying html using [innerHtml]
I am using Angular 10. I have a scenario to get html string (value returned by rich text editor) and display it in my Application (using innerHtml). I'll be getting all kinds of styles, like background color, font-color, highlight text, hyperlinks…
Ganesh
- 1,820
- 2
- 20
- 40
4
votes
1 answer
In Angular is there a way to inject html that contains a component directive into the template of a parent component?
I would like to have html in my database that contains component directives and then use that as part of a component template in Angular.
For an example, if I have:
in App component template and this in the code…
Jim Moore
- 131
- 1
- 6
4
votes
1 answer
How run script as string using DomSanitzer bypassSecurityTrustScript() in Angular
I have a trusted Javascript/Angular script in a string format that I would like execute in an angular component. I understant this is what the Domsanitizer bypassSecurityTrustScript() does. Angular Domsanitizer
However when try to run in my…
Ka Tech
- 8,937
- 14
- 53
- 78
4
votes
2 answers
how to embed Youtube videos in a Ionic 4 app
I am trying to develop an ionic app that i will be deploying as a pwa in which i want to embed Youtube Videos and display them in a grid. Video links, their titles, and brief descriptions are provided by my Cloud Firestore objects.
Now the problem…
pulkit aggarwal
- 107
- 1
- 2
- 7
3
votes
1 answer
Angular 9 new unit test error: "unsafe value used in a resource URL context"
Since upgrading my Angular application from version 8 to version 9 I've got a new error appearing when I run my Jest unit test:
unsafe value used in a resource URL context (see http://g.co/ng/security#xss)
The component I am testing uses the…
Ewan
- 378
- 3
- 14