Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Angular 2, DomSanitizer, bypassSecurityTrustHtml, SVG
See original GitHub issueI’ve been using DomSanitizer with some an SVG in an html string.
Previous to the current version of Angular, this worked just fine:
this.domSanitizer.bypassSecurityTrustHtml(content);
Now I am getting an object back called
SafeHtmlImpl {changingThisBreaksApplicationSecurity: "<svg> blah </svg>"}
changingThisBreaksApplicationSecurity
Is there now a new way to access the output of the DomSanitizer? Should I be receiving it as SafeHTML type or something? What’s the point in having bypassSecurityTrustHtml if it still filters html?
Any answers on a postcard? Please…
Issue Analytics
- State:
- Created 7 years ago
- Comments:5 (2 by maintainers)
Top Results From Across the Web
Angular 2, DomSanitizer, bypassSecurityTrustHtml, SVG
Is there now a new way to access the output of the DomSanitizer? Should I be receiving it as SafeHTML type or something?...
Read more >DomSanitizer - Angular
DomSanitizer helps preventing Cross Site Scripting Security bugs (XSS) by sanitizing values to ... abstract bypassSecurityTrustHtml(value: string): SafeHtml ...
Read more >Angular 2, DomSanitizer, bypassSecurityTrustHtml, SVG
I've been using DomSanitizer with an SVG in an html string. Previous to the current version of Angular, this worked just fine: this.domSanitizer....
Read more >Angular Material (forked) - StackBlitz
domSanitizer.bypassSecurityTrustHtml. (`<svg xmlns="http://www.w3.org/2000/svg". viewBox="0 0 24 24">. <defs>. <style> .cls-1{fill:none}.cls-2{fill:#212121}.
Read more >Angular safe pipe implementation to bypass DomSanitizer ...
Note: The content here applies to Angular 2+. DomSanitizer, a service of Angular helps to prevent attackers from injecting malicious ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Yes. Though not here.
Someone kindly answered the question on Stack Overflow
Cheers
This issue has been automatically locked due to inactivity. Please file a new issue if you are encountering a similar or related problem.
Read more about our automatic conversation locking policy.
This action has been performed automatically by a bot.