Angular笔记--DomSanitizer

时间：2019-12-12 11:11:00 收藏：0 阅读：91

DomSanitizer通过清理在不同DOM上下文中安全使用的值，帮助防止跨站点脚本安全漏洞（XSS）

abstract sanitize(context: SecurityContext, value: SafeValue | string | null): string | null;
   
abstract bypassSecurityTrustHtml(value: string): SafeHtml;

abstract bypassSecurityTrustStyle(value: string): SafeStyle;

abstract bypassSecurityTrustScript(value: string): SafeScript;

abstract bypassSecurityTrustUrl(value: string): SafeUrl;

abstract bypassSecurityTrustResourceUrl(value: string): SafeResourceUrl;

<iframe [src]="url"></iframe>

import { Component, OnInit, Input} from ‘@angular/core‘;

import { DomSanitizer } from ‘@angular/platform-browser‘;

@Component({
  selector: ‘app-iframe‘,
  templateUrl: ‘./iframe.component.html‘,
  styleUrls: [‘./iframe.component.less‘],
})
export class IframeComponent implements OnInit{

@Input() url: string;

  src: any;

  constructor(private sanitizer: DomSanitizer) {}

ngOnInit() {

    this.src = this.sanitizer.bypassSecurityTrustResourceUrl(this.url);

}

原文：https://www.cnblogs.com/tingying/p/12027725.html