Angular笔记--DomSanitizer
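DomSanitizer 会对值进行清理(sanitize),使其可以在不同的 DOM 上下文中安全使用,从而帮助防止跨站脚本(XSS)漏洞。需要注意的是,下面的 bypassSecurityTrust* 系列方法并不清理值,而是让 Angular 跳过清理并直接信任该值,因此只应用于来源可信或已经过校验的值。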
/**
 * Sanitizes `value` so it can be used in the DOM context named by `context`.
 * Accepts a raw string or a `SafeValue`; the result is a plain string or null.
 */
abstract sanitize(context: SecurityContext, value: SafeValue | string | null): string | null;

// The bypassSecurityTrust* methods below do not sanitize. As their names say,
// they bypass the security check and wrap the string in a Safe* type that
// Angular then trusts for the matching context. Passing attacker-influenced
// input to any of them reintroduces the XSS risk the sanitizer exists to remove.

/** Marks `value` as trusted HTML and returns it wrapped as `SafeHtml`. */
abstract bypassSecurityTrustHtml(value: string): SafeHtml;

/** Marks `value` as a trusted style value and returns it wrapped as `SafeStyle`. */
abstract bypassSecurityTrustStyle(value: string): SafeStyle;

/** Marks `value` as trusted script and returns it wrapped as `SafeScript`. */
abstract bypassSecurityTrustScript(value: string): SafeScript;

/** Marks `value` as a trusted URL and returns it wrapped as `SafeUrl`. */
abstract bypassSecurityTrustUrl(value: string): SafeUrl;

/**
 * Marks `value` as a trusted resource URL (a URL whose content is loaded and
 * run, such as an iframe `src`) and returns it wrapped as `SafeResourceUrl`.
 */
abstract bypassSecurityTrustResourceUrl(value: string): SafeResourceUrl;
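<!-- Bind the component's `src` field (the SafeResourceUrl built in ngOnInit), not the raw `url` string:
     Angular refuses a plain string in a resource-URL context such as an iframe src. -->
<iframe [src]="src"></iframe>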
import { Component, OnInit, Input} from '@angular/core';
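import { DomSanitizer, SafeResourceUrl } from '@angular/platform-browser';

/**
 * Renders an iframe whose source is supplied by the parent through `url`.
 *
 * An iframe `src` is a resource-URL context, so Angular only accepts a
 * `SafeResourceUrl` there. This component produces one with
 * `bypassSecurityTrustResourceUrl`, which switches Angular's check off for
 * that value, so the URL is validated before it is marked as trusted.
 */
@Component({
  selector: 'app-iframe',
  templateUrl: './iframe.component.html',
  styleUrls: ['./iframe.component.less'],
})
export class IframeComponent implements OnInit {
  /** Raw URL to embed. Treated as untrusted until it passes the scheme check. */
  @Input() url: string;

  /** Value for the template's `[src]` binding; null when `url` was rejected. */
  src: SafeResourceUrl | null = null;

  constructor(private sanitizer: DomSanitizer) {}

  /** Computes `src` once from the initial `url`; later input changes are not picked up. */
  ngOnInit(): void {
    this.src = this.toTrustedResourceUrl(this.url);
  }

  /**
   * Returns a trusted resource URL for `raw`, or null if `raw` is empty,
   * unparseable, or uses a scheme other than http/https.
   *
   * The scheme check keeps `javascript:` and `data:` URLs from being marked
   * as trusted. It is not an origin allowlist: any http(s) origin still
   * passes, so callers must only supply URLs from sources they control.
   */
  private toTrustedResourceUrl(raw: string): SafeResourceUrl | null {
    if (!raw) {
      return null;
    }

    let parsed: URL;
    try {
      // Resolve against the document base so relative URLs keep working.
      parsed = new URL(raw, document.baseURI);
    } catch {
      return null;
    }

    if (parsed.protocol !== 'https:' && parsed.protocol !== 'http:') {
      return null;
    }

    // Trust the normalized form that was actually validated, not the raw input.
    return this.sanitizer.bypassSecurityTrustResourceUrl(parsed.href);
  }
}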