Menu
I got this code
<div *ngIf="topic.video">
<div class="video-container">
<iframe width="300" height="169" src="topic.video.url" style="border:0"></iframe>
</div>
</div>
problem: angular will output src="localhost://8001" instead of src="https://www.youtube.com/embed/hr4BbdUiTUM"
What could be wrong here?
UPDATE 2
This is what got after Gunter's answer.
import { Component, OnInit, Pipe, Sanitizer } from '@angular/core';
import { DataService } from '../../shared/data';
@Component({
template: `
<div class="subheader">Feed</div>
<div *ngFor="let topic of topics; let index = index; trackBy: trackByFn">
<div *ngIf="topic.type == 'discussion'">
<div *ngIf="topic.video">
<div class="video-container">
<iframe src="{{sanitizer.bypassSecurityTrustResourceUrl(topic.video.url)}}" ></iframe>
</div>
</div>
</div>
</div>
`
})
export class CompanyComponent implements OnInit {
constructor(
private sanitizer:Sanitizer,
private dataService: DataService
) {}
ngOnInit() {
this.topics = this.dataService.topics;
}
}
I still got this error
company.ts?ac6a:121 Error: Uncaught (in promise): Error: Error in ./CompanyComponent class CompanyComponent - inline template:29:41 caused by: unsafe value used in a resource URL context (see http://g.co/ng/security#xss)
Error: unsafe value used in a resource URL context (see
263
Embedding a YouTube video into your angular application isn't a straight forward work before angular 9. Before angular 8.2, it needs lots of efforts to embed and YouTube video. You need an npm plugin to do the operation.
WebViews in SwiftUI Just replace the URL in the WebViewModel init with your YouTubeURL and that's it, you have a YouTube video embedded in the app.
Yes, it's legal to embed the content. You're not hosting the content, and you didn't steal the content. You have some responsibility to do at least some due diligence to find the original owner of any piece of content you want to reference or use, but you aren't required to go out of your want for it.
If you want to get the URL from a variable you need to enable binding by using [] or {{}} (never both at the same time, {{}} only works for strings, not for objects or arrays):
[src]="topic.video.url"
or
src="{{topic.video.url}}"
If the URL gets removed by the DOM sanitizer, you can use a pipe like shown in In RC.1 some styles can't be added using binding syntax
import { Pipe, DomSanitizer } from '@angular/core';
@Pipe({name: 'safeResourceUrl'})
export class SafeResourceUrl {
constructor(private sanitizer:DomSanitizer){}
transform(url) {
return this.sanitizer.bypassSecurityTrustResourceUrl(url);
}
}
[src]="topic.video.url | safeResourceUrl"
You can also just apply
this.myUrl = this.sanitizer.bypassSecurityTrustResourceUrl(this.topic.video.url);
and bind to this instead
[src]="myUrl"
but the pipe is more reusable.
194
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
