: Unsafe value used in a resource URL context

by

Pipe

    // Angular
    import { Pipe, PipeTransform } from '@angular/core';
    import { DomSanitizer, SafeHtml, SafeStyle, SafeScript, SafeUrl, SafeResourceUrl } from '@angular/platform-browser';
    
    /**
     * Sanitize HTML
     */
    @Pipe({
      name: 'safe'
    })
    export class SafePipe implements PipeTransform {
      /**
       * Pipe Constructor
       *
       * @param _sanitizer: DomSanitezer
       */
      // tslint:disable-next-line
      constructor(protected _sanitizer: DomSanitizer) {
      }
    
      /**
       * Transform
       *
       * @param value: string
       * @param type: string
       */
      transform(value: string, type: string): SafeHtml | SafeStyle | SafeScript | SafeUrl | SafeResourceUrl {
        switch (type) {
          case 'html':
            return this._sanitizer.bypassSecurityTrustHtml(value);
          case 'style':
            return this._sanitizer.bypassSecurityTrustStyle(value);
          case 'script':
            return this._sanitizer.bypassSecurityTrustScript(value);
          case 'url':
            return this._sanitizer.bypassSecurityTrustUrl(value);
          case 'resourceUrl':
            return this._sanitizer.bypassSecurityTrustResourceUrl(value);
          default:
            return this._sanitizer.bypassSecurityTrustHtml(value);
        }
      }
    }

Template

{{ data.url | safe:'url' }}

That’s it!

Note: You shouldn’t need it but here is the component use of the pipe

      // Public properties
      itsSafe: SafeHtml;

      // Private properties
      private safePipe: SafePipe = new SafePipe(this.domSanitizer);
    
      /**
       * Component constructor
       *
       * @param safePipe: SafeHtml
       * @param domSanitizer: DomSanitizer
       */
      constructor(private safePipe: SafePipe, private domSanitizer: DomSanitizer) {
      }
    
      /**
       * On init
       */
      ngOnInit(): void {
        this.itsSafe = this.safePipe.transform('<h1>Hi</h1>', 'html');
      }

More Related Contents:

  1. How to create cross-domain request?
  2. Angular CLI Error: The serve command requires to be run in an Angular project, but a project definition could not be found
  3. Angular2 validator which relies on multiple form fields
  4. Property ‘map’ does not exist on type ‘Observable’
  5. Inject a service manually
  6. How to send “Cookie” in request header for all the requests in Angular2?
  7. How to disable a input in angular2
  8. Can’t bind to ‘ngIf’ since it isn’t a known property of ‘div’ [duplicate]
  9. Can an ng-content be used inside of an ngFor?
  10. document.getElementById replacement in angular4 / typescript?
  11. Angular file upload progress percentage [duplicate]
  12. How can I avoid adding prefix “unsafe” to a link by Angular 2? [duplicate]
  13. Page is part of the declarations of 2 modules: Error in ionic build prod
  14. angular 2 change detection and ChangeDetectionStrategy.OnPush
  15. Uncaught Error: Unexpected directive ‘MyComboBox’ imported by the module ‘AppModule’. Please add a @NgModule annotation
  16. Angular 2 passing object via route params possible?
  17. Cannot find name ‘require’ after upgrading to Angular4
  18. custom filter in mat-table
  19. How to globally set the preserveWhitespaces option in Angular to false?
  20. Best way to import Observable from rxjs
  21. What is the difference between formControlName and FormControl?
  22. How to make nested Observable calls in Angular2
  23. What is the difference between declarations, providers, and import in NgModule?
  24. TypeScript-‘s Angular Framework Error – “There is no directive with exportAs set to ngForm”
  25. How to return observable from subscribe
  26. Limit input field to two decimal places – Angular 5
  27. Angular 6 – how to mock router.events url response in unit test
  28. How to create and download text/Json File with dynamic content using angular 2+
  29. FormControl.detectchanges – why use distinctUntilChanged?
  30. How to use angular2 built-in date pipe in services and directives script files [duplicate]

Leave a Comment