Angular 2, DomSanitizer, bypassSecurityTrustHtml, SVG

DEMO : https://plnkr.co/edit/Qke2jktna55h40ubUl8o?p=preview

import { DomSanitizer } from '@angular/platform-browser'@Pipe({ name: 'safeHtml'})export class SafeHtmlPipe implements PipeTransform  {  constructor(private sanitized: DomSanitizer) {}  transform(value) {    console.log(this.sanitized.bypassSecurityTrustHtml(value))    return this.sanitized.bypassSecurityTrustHtml(value);  }}@Component({  selector: 'my-app',  template: `    <div [innerHtml]="html | safeHtml">    </div>  `,})export class App {  name:string;  html: safeHtml;  constructor() {    this.name = 'Angular2'    this.html = "<svg> blah </svg>";  }}

angular angular-dom-sanitizer

Use DomSanitizer.bypassSecurityTrustHtml:

constructor(private sanitizer: DomSanitizer) {}let html = this.sanitizer.bypassSecurityTrustHtml("<svg> blah </svg>");

More information: https://angular.io/docs/ts/latest/guide/security.html#bypass-security-apis

angular angular-dom-sanitizer

This can also be done via object bracket notation:

let safeHtml = this.domSanitizer.bypassSecurityTrustHtml(content);console.log(safeHtml["changingThisBreaksApplicationSecurity");

Had to do this because safeHtml.changingThisBreaksApplicationSecurity didn't work for me.

CodeHunter

Angular 2, DomSanitizer, bypassSecurityTrustHtml, SVG

Recent Posts

How can I color dots in a xy scatterplot according to column value?

How to update a claim in ASP.NET Identity?

What does {0} mean when initializing an object?

Accessing members of items in a JSONArray with Java

How to log SQL statements in Spring Boot?

Powershell Get-WebSite name parameter is ignored

How to detect scroll to bottom of html element

Java synchronized method

How to test controllers with CodeIgniter?

Detect Visual Composer

Matplotlib: Specify format of floats for tick labels

Rails join a list of strings with commas and "and" before the last