TrustHtmlModule
is a module for angular2+ projects
which allows you to inject the HTML content into your templates.
Install the module into your application and save it as a dev
dependency in your package.json
file
npm install trust-html --save-dev
In order to use the TrustHtmlPipe
you have to include/import
the TrustHtmlModule
into your application:
import {TrustHtmlModule} from 'trust-html';
@NgModule({
//...
imports: [
//...
TrustHtmlModule
],
//...
})
Or you can include the pipe directly in your components declarations list in your @NgModule(...)
:
import {TrustHtmlPipe} from "trust-html";
@NgModule({
//...
declarations: [TrustHtmlPipe],
//...
})
Use it in your template to "inject" trusted HTML content:
<div [innerHTML]="'<strong>test html content</strong>' | trustHtml"></div>
Output:
<div>
<strong>test html content</strong>
</div>
Bypass security and trust the given value to be safe HTML.
The sanitizer will leave safe HTML intact.
WARNING: in Angular version 2.x, calling this method with untrusted user data exposes your
application to XSS security risks!
Parameters:
htmlString - HTML string which should not be escaped.
Return:
Method returns the intact HTML string.
https://github.com/tvicpe/trust-html
To build the final package run this command:
ng build trust-html
The build process will generate the packed sources into the dist
folder.
To publish the new version to npm
, go into the dist
folder:
cd ./dist/trust-html
and publish it to npm:
npm publish
1.0.0