使用 DomSanitizer 绕过安全性后,安全值必须使用 [property]=binding [英] Safe value must use [property]=binding after bypass security with DomSanitizer
本文介绍了使用 DomSanitizer 绕过安全性后,安全值必须使用 [property]=binding的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
<!--HTML CODE-->
<p #mass_timings></p>
//Controller code
@ViewChild('mass_timings') mass_timings: ElementRef;
constructor(private domSanitizer:DomSanitizer)
getInnerHTMLValue(){
this.mass_timings.nativeElement.innerHTML =
this.domSanitizer.bypassSecurityTrustHtml(this.parishDetail.mass_timings);
}
但 mass_timings 显示的输出包括文本:-
but the output which the mass_timings is displaying is including the text:-
安全值必须使用[property]=binding
Safe value must use [property]=binding
开头
如何删除这个字符串.
推荐答案
正如错误消息所说,需要使用属性绑定添加经过消毒的 HTML:
As the error message says, the sanitized HTML needs to be added using property binding:
<p [innerHTML]="massTimingsHtml"></p>
constructor(private domSanitizer:DomSanitizer) {
this.massTimingsHtml = this.getInnerHTMLValue();
}
getInnerHTMLValue(){
return this.domSanitizer.bypassSecurityTrustHtml(this.parishDetail.mass_timings);
}
StackBlitz 示例(基于 Swapnil Patwa 的 Plunker - 见评论下面)
StackBlitz example (based on Swapnil Patwa's Plunker - see comments below)
这篇关于使用 DomSanitizer 绕过安全性后,安全值必须使用 [property]=binding的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文