Explicitly sanitize HTML content


Sun Mar 07 2021 08:22:25 GMT+0000 (Coordinated Universal Time)

Saved by @fyodorio #angular #security

import { Component, OnInit } from '@angular/core';
import { SecurityService } from './data.service';
import { DomSanitizer, SafeHtml } from '@angular/platform-browser';
/**
 * Root component that renders an HTML fragment through a property binding
 * on the host `<div>`.
 *
 * The fragment is first handed to `SecurityService.getSafeHtml`, which is
 * declared in './data.service' and is not visible in this file.
 * NOTE(review): confirm that the service calls
 * `DomSanitizer.sanitize(SecurityContext.HTML, ...)`. If it uses
 * `bypassSecurityTrustHtml` instead, the value is marked as trusted and
 * Angular's built-in sanitization of this binding is skipped, so it must
 * never receive user-controlled markup.
 */
@Component({
  selector: 'app-root',
  providers: [SecurityService],
  template: `<div [innerHtml] = "safeValue"></div>`
})
export class AppComponent implements OnInit {
  /** Value the template binds into the `<div>`; produced by the service. */
  safeValue: SafeHtml;

  constructor(private secure: SecurityService) {
    // The markup is a compile-time constant here. The same call is where
    // externally supplied HTML would be routed before it reaches the template.
    const markup = "<h1>Sanitization Success</h1>";
    this.safeValue = this.secure.getSafeHtml(markup);
  }

  /** Lifecycle hook declared to satisfy `OnInit`; it performs no work. */
  ngOnInit() {}
}

https://www.syncfusion.com/blogs/post/top-5-best-practices-angular-app-security.aspx