如何使用{{{}}}这是值得信赖的HTML语法？ [英] How to use {{{}}} syntax for trusted html?

问题描述

车把的 {{EX pression}} HTML表单，逃逸返回的值，而其 {{{EX pression}} } 窗体不会。有没有什么办法可以将此功能添加到AngualarJS模板，以便我们可以使用 {{EX pression}} 定期消毒输出和 { {{前pression}}} 可信，非转义HTML前pressions？

Handlebar's {{expression}} form HTML-escapes values returned while its {{{expression}}} form does not. Is there any way to add this feature to AngualarJS templates so that we can use {{expression}} for regular sanitized output and {{{expression}}} for trusted, non-escaped HTML expressions?

顺便说一句，我所熟悉的 NG-绑定-HTML 指令。

By the way, I am familiar with ng-bind-html directive.

推荐答案

答：简短的答案是否定的。我从来没有碰到过这样的配置。你不能得到{{{}}}在角工作。

Answer: The short answer is no. I've never come across such a configuration. You can't get {{{}}} to work in Angular.

有用的解决方法：这是不可能得到转义/ unsanitized HTML到通过范围视图不使用NG-绑定HTML的指令。你可以添加或者是辅助函数来控制器或添加一个过滤器，可能更容易一点用NG-绑定-HTML（的普拉克这里），但似乎仍然需要NG-绑定-HTML：

Helpful workaround: It is not possible to get unescaped/unsanitized HTML into a view through the scope without using the ng-bind-html directive. You could add either a helper function to your controller or add a filter that might make it a little easier to use ng-bind-html (Plunk here), but you still seem to need ng-bind-html:

var app = angular.module('plunker', ['ngSanitize']);

app.controller('MyController', function($scope, $sce) {
  $scope.someHtmlContent = "Label: <input name='test'>";

  $scope.h = function(html) {
    return $sce.trustAsHtml(html);
  };
}); 

app.filter('trustAsHtml', function($sce) { return $sce.trustAsHtml; });

然后你会使用这样的：

Then you would use it like this:

<body ng-controller="MyController">
  <div ng-bind-html="someHtmlContent | trustAsHtml"> 
  </div>

  <div ng-bind-html="h(someHtmlContent)"> 
  </div>
</body>

这篇关于如何使用{{{}}}这是值得信赖的HTML语法？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！