[AngularJS] Re: Angular 5 - DomSanitizer and data-attibutes

Tue, 16 Jan 2018 13:45:07 -0800 

Hi Sander,

There is a lot of dependencies so it will be difficult to make a stackblitz 
but this is the relevant parts of code of one use case. Hope this will be 
enough to be understandable.

Regards,
Arnaud.


This is the code in the editor component, wich I would like to improve.

 @Input()
    set dlContext(dlContext: DLContextSpec) { 
       
           // Translates the LoadingContext into html with img tags and 
data attributes to keep.
            let processedData = this.translateDLContextToHtml(dlContext);  
// <- HTML entered by user, need to be sanitized.

           // Saves the specific data attributes, sanitizes the html and 
restores the saved attributes into the sanitized html.
           let dataAttribute: JSONDataAttribute = new 
JSONDataAttribute(CorpusBlot.CONTEXT_ATTRIBUTE);
           let savedDataAttribute = extractDataAttributes(processedData, 
dataAttribute);

            let sanitizedData = 
this._domSanitizer.sanitize(SecurityContext.HTML, processedData);

            // Restores the data attributes.
            let index: number = 0;
            sanitizedData = sanitizedData.replace(new 
RegExp(`<${CorpusBlot.tagName} [^>]*class="${CorpusBlot.className}" 
[^>]*>`, "ig"), (matched) => {
                return index < savedDataAttribute.length ? 
matched.replace('>', ' ' + savedDataAttribute[index++] + '>') : "";
            })
            
            this.initialData =  
this._domSanitizer.bypassSecurityTrustHtml(sanitizedData);
           
        }
    }


The editor, QuillJs is then initialized from a div in the template where 
the resulting SafeHtml of the method above is injected :

<div *ngIf="render" id="{{containerId}}" [innerHTML]="initialData"></div>




Le mardi 16 janvier 2018 16:21:19 UTC+1, Sander Elias a écrit :
>
> Hi Arnaud,
>
> I think I need to see some code to be able to decide ;)
>
> Regards
> Sander
>

-- 
You received this message because you are subscribed to the Google Groups 
"Angular and AngularJS discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/angular.
For more options, visit https://groups.google.com/d/optout.

Reply via email to