ng-bind-html部分正常工作 [英] ng-bind-html work partially than expected

问题描述

内容包含一些图像标签，并且可以与 ng-bind-html 一起正常工作，但是我发现了一个错误.参见下面的图片，我的JSON包含一些iframe标记，但输出未输出html.为什么?ng-bind-html避免使用iframe代码?

The content contains some image tag and it worked just fine with the ng-bind-html but I found bug. See my picture below, my JSON contained some iframe tag but the output isn't output the html. Why? ng-bind-html avoid iframe tags?

推荐答案

ngBindHtml 将在显示前通过 $ sce.getTrustedHtml 传递HTML.我怀疑这就是删除 iframe 的原因.

ngBindHtml will pass the HTML through $sce.getTrustedHtml before displaying it. I suspect this is what would be removing the iframe.

根据文档， $ sce.trustAsHtml 可用于避免此检查，只要您完全信任来自此源的任何HTML-来自 iframe 不受信任来源可能会为您网页的访问者带来一些令人讨厌的事情.

According to the docs, $sce.trustAsHtml can be used to avoid this check, so long as you fully trust any HTML coming from this source - an iframe from an untrusted source could likely do a number on nasty things to visitors to your page.

$scope.codeOut = $sce.trustAsHtml(data.html);

使用这种方法要非常小心！

Be very careful with this methodology!

更新:

请记住，必须包含 $ sce ...

Remember that $sce must be included ...

var someHTML_Directive = ['$sce', function($sce) {
 ...
}];

这篇关于ng-bind-html部分正常工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！