0

Angular 2 final release.

I have my link as following with refers to the href="javascript:;" my link

and i am getting following warning

WARNING: sanitizing unsafe URL value javascript:; (see http://g.co/ng/security#xss)

I need my link to be javascript:; because if i make it '#' or '' it refreshes the page.

I have read couple of posts where people report this issue to angular folks and they will fix it.. any help is appreciated.

Improve this question
7
  • What's the purpose of having a link with dummy href in your case? Most likely you have XY problem with javascript:;. Commented Sep 21, 2016 at 20:44
  • ng-bootstrap dropdown main href we gotta keep it empty and have its drop down items. if we don't keep it javascripot:; and click it refreshes itself. Commented Sep 21, 2016 at 20:47
  • i am generating elements dynamically. they can have direct links or drop downs. if they link i use url to populate in href. if they drop down i make href as void(0); so clicking on it should not refresh the page. Commented Sep 21, 2016 at 20:53
  • You can have <a> without href or have <a href=...> with preventDefault() or have any other inline element with click event. So yes, this is likely XY problem, and you're trying to solve it the hard way. Please, provide the details for the underlying problem in the question. Commented Sep 21, 2016 at 21:33
  • got it i will try to use alternate element Commented Sep 22, 2016 at 3:23

1 Answer 1

Reset to default
1

done with the help of pkozlowski-opensource

I don't think you want to trick sanitization here. If you are using a link that has a click event and it shouldn't trigger navigation just prevent default action on the event, ex.:

<a (click)="$event.preventDefault(); doSth()"> or even shorter
<a (click)="!!doSth()">

reference post https://github.com/angular/angular/issues/11805#issuecomment-248840338

i simply removed href and added a click event like as following

<a (click)="!!navigateToUrl(urlVar)">..</a>

Note: '!!' prevent triggering 'href' action and prevent page refresh. navigateToUrl is my js method simply i am doing as

if(urlVar){
window.location.href=urlVar
}

works like charm no warnings etc..

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.