Beta 10: WARNING: sanitizing unsafe style value

I’m getting these warnings like crazy after the upgrade. I’m assuming it’s angular 2 rc.3 that’s doing it?

it happens when opening a picker for example. Which, with dev tools open, slows performance to a crawl

Yes, this is a known issue. It’s an angular warning. We have an open issue for this already though.

great, thanks for the update!

I can’t find the answer.Can anyone help me with finding the answer. Do i need to update anything.

Nothing right now. It’s fixed in Ng2 proper right now, just not released yet.

this issue is kinda a pain. I want to use
background-image: url({{image4}}) and i get this error!!!

sanitize and it shall work:

in your .ts file:

import { DomSanitizer } from '@angular/platform-browser';

in your export class add:

in your constructor add:
private sanitizer: DomSanitizer

then create an image url and sanitize:

this.bgImage = sanitizer.bypassSecurityTrustStyle('url(https://PartOfDomain/' + this.aValue + '/' + this.anotherValue + ')');

Thats the sanitizing part.

Now in your html:

<div [style.background-image]="bgImage">

There is also an other way to do this without sanitizing using ngStyle:

<div [ngStyle]="{'background-image': 'url(https://PartOfDomain/' + this.aValue + '/' + this.anotherValue + ')'}"></div>

hope that helps!


Is there anyway to do binding like [nyStyle]="{{image}}"?

Is there a reason you’re trying to bind to an interpolated string? That’s quite unusual.

sorry for the late response. It worked but its really a pain this shit.
I receive a huge array with urls from the backend and i have to foreach this array to put the sanitizer value.
How to avoid that please?

Should be the accepted answer.

1 Like