Angularjs HTML content in an expression, how it is not escaped, directly represented as an HTML element

In the template, directly:

Direct use in Ionic:

<p class= "Contentwen" ng-bind-html= "detial.content" ></p>//translated HTML

By default, ANGULARJS will escape any HTML tags in the interpolation instruction job expression (model), such as the following model:
$scope. msg = "hello,<b>world</b>!"
<p>{{msg}}</p>
The rendering process escapes the B-tags, and their meetings are displayed in plain text rather than as markers;
The interpolation instruction escapes any HTML content in the model in order to prevent HTML injection attacks.
If for some reason the model containing the HTML tag is to be used and rendered by the browser, you can use the Ng-bind-html-unsafe directive to turn off the default HTML tag escape:
<p ng-bind-html-unsafe= "MSG" ></p>;

Using the NG-BIND-HTML-UNSAFE directive requires extreme caution, and it should be limited to HTML tags that you fully trust and control.

ANGULARJS also has an instruction, ng-bind-html, which can selectively purify the HTML tag, while allowing other tags to be interpreted by the browser, using the following:

Method One:
1. Import Angular-sanitize.js
2. The modules that the press needs to rely on in your app are as follows:

var app = angular. module (' myApp ', [' ngsanitize ']);

3.<p ng-bind-html= "MSG" ></p>;

Method Two:

1. Import Angular-sanitize.js
2. Use it as a filter:

Angular.module (' myApp '). Filter (' to_trusted ', [' $sce ', function($sce) { return function(text) { return $sce. trustashtml (text);};}]);

3.<p ng-bind-html= "MSG | To_trusted "></p>;

Angularjs HTML content in an expression, how it is not escaped, directly represented as an HTML element