<div [innerHTML]="html"></div> isn't working when the html contains an Iframe. I've tried to do some security bypass with this.sanitizer.bypassSecurityTrustResourceUrl(..., but it still doesn't work.
Here's the demo with angular2 not injecting correctly.
You need to use bypassSecurityTrustHtml for that, and need to assign and use the
sanitized html like this
this.html = this.sanitizer.bypassSecurityTrustHtml(this.html);
DomSanitizationService is outdated from angular2 RC6
If you are using angular2 RC5 use this-
DomSanitizationService
If you are moving to angular2 RC6 use this-
DomSanitize
Here, is the complete example
import {DomSanitizer} from '@angular/platform-browser';
Then add in constructure
private sanitizer: DomSanitizer
and apply sanitizer on your variable like this
let text = <iframe width="977" height="733" src="https://www.youtube.com/embed/C0DPdy98e4c" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
text = this.sanitizer.bypassSecurityTrustHtml(text);
return text;
this.sanitizer.bypassSecurityTrustHtml() takes string as input and makes it SafeHtml.I have done this in Angular 8.
