I want to bind iframe in a div that is returning by my database,
<iframe width="560" height="315" src="https://www.youtube.com/embed/zvo9m_e8ekA&; frameborder="0" allow="autoplay; encrypted-media" allowfullscreen></iframe>
Is this possible to bind in following div
<div ng-app="myApp" ng-controller="dummy">
You will need to use the $sce service in conjunction with ng-bind-html in order to parse the string as safe HTML.
If your string is:
"<iframe width="560" height="315" src="https://www.youtube.com/embed/zvo9m_e8ekA&; frameborder="0" allow="autoplay; encrypted-media" allowfullscreen></iframe>"
Then you need to replace the " with apostrophes and then parse it as safe HTML, as such:
dummy.unsafeIframeCode = "<iframe width="560" height="315" src="https://www.youtube.com/embed/zvo9m_e8ekA&; frameborder="0" allow="autoplay; encrypted-media" allowfullscreen></iframe>";
dummy.unsafeParsedIframeCode = dummy.unsafeIframeCode.replace(/\"\;/gi, "'");
dummy.safeIframeCode = $sce.trustAsHtml(dummy.unsafeParsedIframeCode);
And simply bind it in HTML as such:
<div ng-app="myApp" ng-controller="dummy" ng-bind-html="dummy.safeIframeCode">
ng-bind-html willn't work for binding your iFrame, because the sanitizer is protecting your app from potential XSS attacks.
If you trust/control the data source completely, you can look into using trustAsHtml
e.g. scope.trustedData = $sce.trustAsHtml(content); in your directive controller(where content is your iFrame "<iframe.../>"), and <div ng-bind-html="trustedData"></div> in the DOM. It'll do the task for you.
ng-bind-htmlngSanitizemodule? Have you escaped quotes in your string? Do you have any errors in the console?