AngularJS v1.4.2 ng-bind-html and ng-bind-html-unsafe don't work

Question

I'm using AngularJS v1.4.2 and like to print out html from a variable in the $scope.

I tried to use ng-bind-html and ng-bind-html-unsafe but both are not working.

Here is my controller:

var ctrl = angular.module('app.ctrl',['app.model'])
        .controller('Controller',function($scope, $log, Model){
            $log.warn("controller für View wurde erstellt");
            $log.log(Model.getValue());
            $scope.sayHello="Hello World!";
            $scope.sayHelloHtml="<strong>Hello World Fett</strong>";
        });

And my HTML code:

...
<div ng-controller="Controller">Meine erste angularJS View {{ sayHello }}
<div ng-bind="sayHello"></div>
<div ng-bind-html="sayHelloHtml"></div>
</div>
...

Answer 1

according to the docs for ng-bind-html you need to add ngSanitize to your module dependencies for it to work correctly, which looks like you didn't ;)

Check the example on https://docs.angularjs.org/api/ng/directive/ngBindHtml for further details.

Cheers D

Answer 2

It's necessary to use the $sce (Strict Contextual Escaping service)

$scope.sayHelloHtml = $sce.trustAsHtml("Hello World Fett");

Answer 3

var ctrl = angular.module('app.ctrl',['app.model','ngSanitize'])
        .controller('Controller',function($scope, $log, Model,'$sce'){
            $log.warn("controller für View wurde erstellt");
            $log.log(Model.getValue());
            $scope.sayHello="Hello World!";
            $scope.sayHelloHtml="<strong>Hello World Fett</strong>";

            $scope.sayHelloHtml = $sce.trustAsHtml($scope.sayHelloHtml);
        });

HTML

 <div ng-controller="Controller">Meine erste angularJS View {{ sayHello }}
            <div ng-bind="sayHello"></div>
            <div ng-bind-html="sayHelloHtml"></div>
            <div ng-bind-html-unsafe="sayHello"></div>
            </div>

Make sure you have include angular-sanitize.js and injected ngSanitize module in app and injected $sce in your controller.