SafeValue must use [property]=binding:

Question

I got the following error inside my input:

SafeValue must use [property]=binding: http://www.myurl.com (see http://g.co/ng/security#xss)

I did in my component:

this.myInputURL = this.sanitizer.bypassSecurityTrustUrl('http://www.myurl.com');

And in my template:

Share URL: <md-input [value]="myInputURL" type="text"></md-input>

What's wrong?

Answer 1

change this

this.sanitizer.bypassSecurityTrustUrl('http://www.myurl.com');

to

this.sanitizer.bypassSecurityTrustResourceUrl('http://www.myurl.com');

Difference between the two options

bypassSecurityTrustUrl

Bypass security and trust the given value to be a safe style URL, i.e. a value that can be used in hyperlinks or . source angular.io

bypassSecurityTrustResourceUrl

Bypass security and trust the given value to be a safe resource URL, i.e. a location that may be used to load executable code from, like , or . source angular.io