1

I want to pass the angularjs rendering data to html file. I'm passing but the hole HTML tags and all showing in front end

This is my js file code:

var html = "";
    html += '<h4 class="c-white">[\''+dkey+'\']</h4>';
    $scope.oc.dayHtml[rmoment.format('YYYY-MM-DD')] = html;

This is my HTML file code:

<div class="listview lv-bordered lv-lg m-b-15">
                            {{::oc.dayHtml[day]}}
                        </div>

Note : See Here I'm passing Date but it is showing with HTML tag. Also, i don't want html tages only i want date only.

See output Front end like this coming:

<h4 class="c-white">['2019-12-30']</h4>
<h4 class="c-white">['2019-12-31']</h4>
Improve this question
1

2 Answers 2

Reset to default
0

The Issue

I believe the issue you're running into here is something called "Strict Contextual Escaping". Basically, to prevent Evil Horrible People™ from running malicious code on your site thru stuff like the following:

<div id='my-div'>
 <!--Also please don't use IDs that are stupid as this one, kthx-->
 <input id='html-inp' ng-model='someInput'>
 <div class='result'>{{someInput}}</div>
 OR...
 <div class='result' ng-bind-html='someInput'></div>
</div>

If you ran this code inside a normal, otherwise-perfectly-functional AngularJS app, you could put whatever you want in #html-inp, and assume that it'd show up in both of those .result divs. However... If you type any HTML in there - for example, "<i>This text is supposed to be italic!</i>", it'll show the exact the code you've typed in, not the "rendered" version that you want it to.

ng-bind-html-unsafe

To avoid this, one way used to be using the ng-bind-html-unsafe directive, as the linked question above suggests. However, that's been removed, so depending on what sub-version of AngularJS you're using, that's not likely to work.

$sce

Instead, you now need to use the Strict Contextual Escaping module (someone else please correct this if it's not actually called a "module". Is it a service?), $sce:

var myApp = angular.module('myAwesomeApp',[]).controller('myController',function($scope,$sce,someOtherModule){
  ...the rest of your code.

That will allow you to do stuff like this:

//we're inside an angularjs controller here
$scope.someRenderedHTML = $sce.trustAsHtml($scope.someVarWithRawHtml);

If you wanna use this in your HTML, you could do it like:

<div class='result' ng-bind-html='someRenderedHTML'></div>

Alternatively, you could create a filter:

.filter('trustMe', ['$sce', function($sce){
   return function(text) {
      return $sce.trustAsHtml(text);
   }
}])

And just do <div class='result' ng-bind-html='someVarWithRawHtml|trustMe'></div>

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0 
<div ng-bind-html="oc.dayHtml[day]" />
Improve this answer

8 Comments

Hi seunggabi, thanks for your replaying i applied ng-bind-html-unsafe="oc.dayHtml[day]" but same HTML tages also coming.
See my screen output like this : <h4 class="c-white">['2019-12-30']</h4> <h4 class="c-white">['2019-12-31']</h4
No same HTML tag only coming see this: <h4 class="c-white">['2019-12-30']</h4> ,,,i want only for date like this :2019-12-30
Review: While this code may answer the question, providing additional context regarding why and/or how this code answers the question improves its long-term value. I would recommend you to check SO's official How to Answer article along with the comprehensive blog post from Jon Skeet. I mark your answer for deletion until update.
@seunggabi Please add text explaining how this will work
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.