Igor
Reputation: 277
How to get the sanitized value (the html string) from SafeHtml object?
I'm using the DomSanitizer function bypassSecurityTrustHtml() for sanitizing.
Upvotes: 1
Views: 12154
Answers (1)
Poul Kruijt
Reputation: 71911
The value is stored in a changingThisBreaksApplicationSecurity property. Which probably says enough to not use it.
const safeHtml = this.domSanitizer.bypassSecurityTrustHtml('<div>hello</div>');
const html = safeHtml['changingThisBreaksApplicationSecurity'];
// html === <div>hello</div>;
However, you should only use the sanitizer and the value returned inside your template:
<div [innerHTML]="safeHtml"></div>
Now the div will have the contents of the html passed into the bypassSecurityTrustHtml
Upvotes: 4
Related Questions
- Setting to SafeHTML - Angular 2
- Object property value sanitization problem in Angular
- Best way to save sanitize html in angular
- Angular how to retain Html ID attribute when sanitized
- How to undo bypassSecurityTrustHtml, i.e convert SafeValue back to string
- Sanitize a string in javascript/jquery
- sanitizing unsafe URL value javascript
- Angular JS - How can I sanitize HTML in a controller?
- angularjs string variable to html element using sanitize
- Sanitize string to using angularjs