nikk wong
Reputation: 8690
Angular—allow users to input CSS for dynamic template generation
For security reasons, Angular documentation clearly states to ...not use user input to generate templates dynamically. However, I want to do just that. I would like to allow users to use input fields to generate CSS freely and use it to create their own templates, which they could then download. I know $sanitize works to clean HTML, but I am not aware if there is anything that allows you to do this with CSS, that will protect the site from security vulnerabilities.
Is it possible?
Thanks in advance.
Upvotes: 0
Views: 190
Answers (1)
Sridhar Chidurala
Reputation: 576
You can preview user inputted templates with style tags. I've used $templateCache to load user html.
$scope.loadTemplate=function(){
var randomStringName=makeid();
$scope.templVar=randomStringName;
$templateCache.put(randomStringName,$scope.templ);
}
HTML
<div ng-include="templVar"></div>
http://plnkr.co/edit/8HP7HWwMvlXYiusE9TGH?p=preview
Upvotes: 1
Related Questions
- Generate dynamic css based on variables angular
- Dynamically inject HTML and CSS on request
- Angular: How to style dynamically generated html?
- Dynamic style - Angular
- How to include template dynamic in AngularJS?
- Create a preview from user inputed CSS and HTML using angularJS
- Dynamic Inline CSS using AngularJS
- Dynamic css in Angular
- dynamic stylesheet with angularjs
- Dynamic styles in Angular