ng-bind-html部分正常工作 [英] ng-bind-html work partially than expected
问题描述
内容包含一些图像标签,并且可以与 ng-bind-html
一起正常工作,但是我发现了一个错误.参见下面的图片,我的JSON包含一些iframe标记,但输出未输出html.为什么?ng-bind-html避免使用iframe代码?
The content contains some image tag and it worked just fine with the ng-bind-html
but I found bug. See my picture below, my JSON contained some iframe tag but the output isn't output the html. Why? ng-bind-html avoid iframe tags?
推荐答案
ngBindHtml
将在显示前通过 $ sce.getTrustedHtml
传递HTML.我怀疑这就是删除 iframe
的原因.
ngBindHtml
will pass the HTML through $sce.getTrustedHtml
before displaying it. I suspect this is what would be removing the iframe
.
根据文档, $ sce.trustAsHtml
可用于避免此检查,只要您完全信任来自此源的任何HTML-来自 iframe
不受信任来源可能会为您网页的访问者带来一些令人讨厌的事情.
According to the docs, $sce.trustAsHtml
can be used to avoid this check, so long as you fully trust any HTML coming from this source - an iframe
from an untrusted source could likely do a number on nasty things to visitors to your page.
$scope.codeOut = $sce.trustAsHtml(data.html);
使用这种方法要非常小心!
Be very careful with this methodology!
更新:
请记住,必须包含 $ sce
...
Remember that $sce
must be included ...
var someHTML_Directive = ['$sce', function($sce) {
...
}];
这篇关于ng-bind-html部分正常工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!