Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Include the Safe* interfaces in the exports of @angular/platform-browser #8568

Closed
Tragetaschen opened this Issue May 10, 2016 · 10 comments

Comments

Projects
None yet
8 participants
@Tragetaschen
Copy link
Contributor

commented May 10, 2016

After reading #8491, I tried to implement the solution to mark the generated style string as safe.

this.svgUrl = sanitizer.bypassSecurityTrustStyle('url(\'image.svg\')');

However, bypassSecurityTrustStyle() returns SafeStyle instead of string (as the comment suggests) and this marker interface isn't exported by @angular/platform-browser. That means, I cannot properly type my class member.

Please export the marker interfaces SafeStyle, SafeHtml, etc. so this solution works without any.

@pantonis

This comment has been minimized.

Copy link

commented May 11, 2016

Had the same problem:

temporary workaround I did until it is exported

this.svgUrl = <string>sanitizer.bypassSecurityTrustStyle('url(\'image.svg\')');

@mprobst

This comment has been minimized.

Copy link
Contributor

commented May 13, 2016

Mea culpa, oversight on my side. Let me fix that.

mprobst added a commit to mprobst/angular that referenced this issue May 13, 2016

feat(security): expose the safe value types.
This allows users to properly type their `SafeHtml`, `SafeStyle`, etc values.

Fixes angular#8568.

@mprobst mprobst self-assigned this May 13, 2016

@mprobst

This comment has been minimized.

Copy link
Contributor

commented May 13, 2016

@pantonis casting to a string is a bit nasty as the value is not a string. I'd recommend using any as the type of the field for the time being.

mprobst added a commit to mprobst/angular that referenced this issue May 15, 2016

feat(security): expose the safe value types.
This allows users to properly type their `SafeHtml`, `SafeStyle`, etc values.

Fixes angular#8568.

@mprobst mprobst closed this in 50c9bed May 15, 2016

@Tragetaschen

This comment has been minimized.

Copy link
Contributor Author

commented May 16, 2016

That's great, thanks!

@daBishMan

This comment has been minimized.

Copy link

commented Oct 31, 2016

I am doing the import in my component, import { SafeUrl } from '@angular/platform-browser'; but when I build using the CLI I get 'SafeUrl' was not found in '@angular/platform-browser'

what am I missing ?

@mprobst

This comment has been minimized.

Copy link
Contributor

commented Nov 1, 2016

@daBishMan that should work, but there's a bunch of things that could be wrong. See here on how to get support with that.

@SamVerschueren

This comment has been minimized.

Copy link
Contributor

commented Jan 16, 2017

Not sure if I'm the only one, but using the angular-cli, I receive this error message

WARNING in ./src/app/shared/directives/background.directive.ts
53:55 export 'SafeStyle' was not found in '@angular/platform-browser'

It works though so might be an "issue" with Webpack or something. Not sure.

@emoralesb05

This comment has been minimized.

Copy link

commented Jan 29, 2017

Same here, it works fine and all that, but the CLI complains that is not part of the module.

@emoralesb05

This comment has been minimized.

Copy link

commented Jan 29, 2017

Huh.. it complains if we add SafeResourceUrl or any of those as an input parameter.

set backgroundUrl(backgroundUrl: SafeResourceUrl) {

"export 'SafeResourceUrl' was not found in '@angular/platform-browser'

@devoto13

This comment has been minimized.

Copy link
Contributor

commented Jan 29, 2017

Looks like webpack/webpack#2977.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.