ng-bind-html
Bind trusted HTML content to an element.
Sets the innerHTML of an element to a trusted HTML string. The value must be explicitly trusted through the $sce service to prevent XSS.
$scope.trustedHtml = $sce.trustAsHtml('<strong>Hello</strong> <em>world</em>');
});
ng-bind-html
- Type:
expression - Required: yes
Expression that evaluates to a value marked as trusted HTML via $sce.trustAsHtml(). Untrusted strings will throw an SCE error.
Warning: Never pass user-supplied content directly to
$sce.trustAsHtml(). Only trust HTML you control or have saniti
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.