Reputation: 133
Unsafe value used in a resource URL context (iframe)
Trying to pass value as iframe url from local db and and im getting error message: Unsafe value used in a resource URL context. i'm trying to display an array of printers ip so i will be able to check their status via the website there is anyway to do this without iframe ? i will be more then glad to hear some advises.
I'm new to angular and every help is more then welcome thanks in advance.
import { Component, OnInit } from '@angular/core';
import { HttpClient } from '@angular/common/http';
import { DomSanitizer } from '@angular/platform-browser';
@Component({
selector: 'app-value',
templateUrl: './value.component.html',
styleUrls: ['./value.component.css']
})
export class ValueComponent implements OnInit {
values: any;
constructor(private http: HttpClient, private sanitizer: DomSanitizer) { }
ngOnInit() {
this.getValues();
}
getValues() {
this.http.get('http://localhost:5000/api/values/').subscribe(response => {
this.values = response;
}, error => {
console.log(error);
})
}
}<H2>Print Manager</H2>
<div id="outerdiv">
<iframe src="http://192.168.1.6/general/status.html" id="inneriframe" scrolling="no" ></iframe>
</div>
<div *ngFor="let value of values">
<p>{{value.id}},{{value.hostName}},{{value.location}},{{value.manufacturer}},{{value.ip}}</p>
<span>Hostname: {{value.hostName}}</span>
<br>
<span>Location: {{value.location}}</span>
<br>
<span>Manufacturer: {{value.manufacturer}}</span>
<br>
<span>IP: {{value.ip}}</span>
</div>Upvotes: 5
Views: 19078
Answers (3)
Reputation: 1400
Using a Pipe is better.
Create a Pipe: In the app.component.ts (The main component that loads first)
import { Pipe, PipeTransform} from "@angular/core";
import { DomSanitizer } from "@angular/platform-browser";
@Pipe({ name: 'safe' })
export class SafePipe implements PipeTransform {
constructor(private sanitizer: DomSanitizer) { }
transform(url) {
return this.sanitizer.bypassSecurityTrustResourceUrl(url);
}
}
Declare the Pipe: After creating the pipe
@NgModule({
imports: [ ... ],
declarations: [ ..., SafePipe ],
bootstrap: [ App ]
})
Usage: You can use this with the pipe operator and the pipe name.
Example:
<iframe [src]="your_url_here | safe" id="inneriframe" scrolling="no" ></iframe>
Using this method, you will get a sanitized URL without rewriting the code every time you need it in other components.
Upvotes: 11
Reputation: 474
You may use Angular DomSanitizer from @angular/platform-browser
Refer Angular Guide for more info
import {DomSanitizationService} from '@angular/platform-browser';
@Component({
templateUrl: 'temp.html'
})
export class AppComponent {
yourUrl : '';
constructor(private sanitizer : DomSanitizationService) {
}
getSanitizedURL() {
return this.sanitizer.bypassSecurityTrustUrl(yourUrl);
}
}
HTML :
<div id="outerdiv">
<iframe src="getSanitizedURL()" id="inneriframe" scrolling="no"></iframe>
</div>
Upvotes: -3
Reputation: 133
[src]="sanitizer.bypassSecurityTrustResourceUrl('http://'+value.ip+'/general/status.html')" solved it for me
Upvotes: -1
Related Questions
- How to set <iframe src="..."> without causing `unsafe value` exception?
- Angular 2 - EXCEPTION: Error: unsafe value used in a resource URL context
- unsafe value used in a resource URL context : Angular DomSanitizer
- Angular2 unsafe resource URL in iFrame with DomSanitationService
- unsafe value used in a resource URL context Angular Error
- ERROR Error: unsafe value used in a resource URL context in angular 2
- unsafe value used in a resource URL context
- Angular2 iframe video " unsafe value used in a resource URL"
- Loading dynamic list of iframes - "Error: Required a safe ResourceURL"
- Im trying to dynamically change the url of an iframe but Im getting an Error: Unsafe value used in resource URL