Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

SafeValue must use [property]=binding:

Tags:

angular

I got the following error inside my input:

SafeValue must use [property]=binding: http://www.myurl.com (see http://g.co/ng/security#xss)

I did in my component:

this.myInputURL = this.sanitizer.bypassSecurityTrustUrl('http://www.myurl.com');

And in my template:

Share URL: <md-input [value]="myInputURL" type="text"></md-input>

What's wrong?

like image 857
TheUnreal Avatar asked Sep 15 '16 17:09

TheUnreal


1 Answers

change this

this.sanitizer.bypassSecurityTrustUrl('http://www.myurl.com');

to

this.sanitizer.bypassSecurityTrustResourceUrl('http://www.myurl.com');

Difference between the two options

bypassSecurityTrustUrl

Bypass security and trust the given value to be a safe style URL, i.e. a value that can be used in hyperlinks or . source angular.io

bypassSecurityTrustResourceUrl

Bypass security and trust the given value to be a safe resource URL, i.e. a location that may be used to load executable code from, like , or . source angular.io

like image 124
Sunil Singh Avatar answered Nov 16 '22 01:11

Sunil Singh