Issue with ng-bind-html (sanitizing content)

guyz · March 5, 2014, 10:13pm

I’m unable to bind a simple result:

\u00a0Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean ut enim eu felis vehicula mattis ut interdum mi. Nulla in euismod nunc.

using:

<p data-ng-bind-html="{{ thing.content }}"></p>

The error returned:

Error: [$parse:syntax] Syntax Error: Token 'ipsum' is an unexpected token at column 6 of the expression [Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean ut enim eu felis vehicula mattis ut interdum mi. Nulla in euismod nunc.].

My content will be mixed with various tags and other data that’s useless for display (such as hidden microsoft word tags).

Am I completely misunderstanding what data sanitization is in the use of angular-sanitize? Is it in it’s infancy?

Maybe someone could help point me in the right direction for sanitizing content such as above (and which would also work for not displaying the hidden microsoft tags either)

miklernout · March 5, 2014, 10:50pm

I am pretty sure that should look like this:

<p data-ng-bind-html="thing.content"></p>

When referring to scope variables from angular-attributes (attributes with “ng-” in them) you should pretty much always omit the curly braces.

Calendee · March 6, 2014, 12:46am

I think this post has the relevant links to the Angular docs on sanitize. I’m not so sure it’s Angular’s job to deal with hidden Microsoft Word tags.

Topic		Replies	Views
Sanitizing content ionic-v1	2	4721	February 19, 2014
$sanitize:badparse Parsing Error while Sanitizing	0	2450	May 21, 2014
Proper way to bind html? (ng-bind-html in V1) ionic-v3	4	7488	June 21, 2016
How to render raw html correctly? ionic-v1	4	1739	January 21, 2016
Ng-bind-html rendering ionic tags as plain text (update) ionic-v1	4	7205	March 2, 2016

Issue with ng-bind-html (sanitizing content)

Related topics