Use of ng-bind-html
AngualrJS provides the directive ng-bind-html for binding documents containing HTML tags, using:
<ANY of-bind-html=""> ... </ANY>
Test Case:
index.html
<div ng-controller="TestCtrl">
<div>
<p ng-bind-html="myHTML"></p>
</div>
</div>
index.js
var myApp = angular.module('myApp', []);
myApp.controller('TestCtrl', ['$scope', function($scope){
$scope.myHTML = '<strong>Hot</strong>';
}]);
The browser outputs the following error:
angular.js:11598 Error: [$sce:unsafe] Attempting to use an unsafe value in a safe context.
http://errors.angularjs.org/1.3.11/$sce/unsafe
at file:///home/y/my_temp/angular_test/web/app/js/angular.js:63:12
at htmlSanitizer (file:///home/y/my_temp/angular_test/web/app/js/angular.js:15053:13)
at getTrusted (file:///home/y/my_temp/angular_test/web/app/js/angular.js:15217:16)
at Object.sce.(anonymous function) [as getTrustedHtml] (file:///home/y/my_temp/angular_test/web/app/js/angular.js:15897:16)
at Object.ngBindHtmlWatchAction [as fn] (file:///home/y/my_temp/angular_test/web/app/js/angular.js:20449:29)
at Scope.$digest (file:///home/y/my_temp/angular_test/web/app/js/angular.js:14230:29)
at Scope.$apply (file:///home/y/my_temp/angular_test/web/app/js/angular.js:14493:24)
at bootstrapApply (file:///home/y/my_temp/angular_test/web/app/js/angular.js:1449:15)
at Object.invoke (file:///home/y/my_temp/angular_test/web/app/js/angular.js:4182:17)
at doBootstrap (file:///home/y/my_temp/angular_test/web/app/js/angular.js:1447:14)angular.js:11598 (anonymous function)angular.js:8548 (anonymous function)
Check the official documentation to use: $sanitize service
Note: If a $sanitize service is unavailable and the bound value isn't explicitly trusted, you will have an exception (instead of an exploit.)
Configure the sanitize service in angular.module:
var myApp = angular.module('myApp', ['ngSanitize']);
Refresh the browser again and output the following error message:
Uncaught Error: [$injector:modulerr] Failed to instantiate module myApp due to:
Error: [$injector:modulerr] Failed to instantiate module ngSanitize due to:
Error: [$injector:nomod] Module 'ngSanitize' is not available! You either misspelled the module name or forgot to load it. If registering a module ensure that you specify the dependencies as the second argument.
http://errors.angularjs.org/1.3.11/$injector/nomod?p0=ngSanitize
at file:///home/y/my_temp/angular_test/web/app/js/angular.js:63:12
at file:///home/y/my_temp/angular_test/web/app/js/angular.js:1764:17
at ensure (file:///home/y/my_temp/angular_test/web/app/js/angular.js:1688:38)
at module (file:///home/y/my_temp/angular_test/web/app/js/angular.js:1762:14)
at file:///home/y/my_temp/angular_test/web/app/js/angular.js:4094:22
at forEach (file:///home/y/my_temp/angular_test/web/app/js/angular.js:323:20)
at loadModules (file:///home/y/my_temp/angular_test/web/app/js/angular.js:4078:5)
at file:///home/y/my_temp/angular_test/web/app/js/angular.js:4095:40
at forEach (file:///home/y/my_temp/angular_test/web/app/js/angu
It is found that angular.js does not have a sanitize module, here will
Just load angular-sanitize.js in.
<script src="../js/angular-sanitize.js"></script>
Original address: https://www.cnblogs.com/yshyee/p/4272180.html