About ANGULARJS automatically escaping HTML tags when binding data

Source: Internet
Author: User
Tortured for a long time, and finally found the answer so simple. Angularjs in the data binding by default will be in the form of text output, that is, the HTML tags in your data are not escaped the full receipt, so as to improve security, prevent injection attacks in HTML tags, but sometimes it is necessary, In particular, when reading formatted text from a database, it does not display properly in the page.
So how do we output $scope. value= "<a> am I a link </a>" Such a label?  Obviously to escape HTML, you need to use the Ng-bind-html property in the tag of the data-bound HTML, which relies on $sanitzie, so you need to introduce the Angular-sanitzie.js file and inject Ngsanitzie in the module. This will enable the escape of the label if the attentive friend will find that the style= "" in the test is not normally escaped because the style label will be angular considered unsafe, so it is automatically filtered out. The above method can only implement static bindings and cannot escape the style. If you need dynamic data binding, and you need a style tag, there is no way to solve it. There is no way to continue research, the final solution is as follows one of the $SCE is angular's own security processing module, $SCE. The trustashtml (input) method is to return the content as an HTML method.

About ANGULARJS automatically escaping HTML tags when binding data

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.