I'm trying to use $sce.trustAsHtml() with a property of an object in ng-repeat. The result is that the HTML is totally blank. The HTML outputs correctly using ngSanitize though.
<div ng-repeat="question in questions">
<p ng-bind-html="$sce.trustAsHtml(question.body)">
</p>
</div>
I'm on AngularJS v1.3.0-beta.3 by the way. Not sure if there's a bug or I do something wrong.
You can't use $sce.trustAsHtml in an expression (unless $sce is a property on the $scope) because expressions are evaluated in the context of the $scope.
The cleanest approach is to use ngSanitize.
The second cleanest is to expose $sce.trustAsHtml as a function in the $scope:
<div ng-repeat="...">
<p ng-bind-html="trustAsHtml(question.body)"></p>
</div>
$scope.trustAsHtml = $sce.trustAsHtml;
OR have a filter:
angular.module('myApp')
.filter("sanitize", ['$sce', function($sce) {
return function(htmlCode){
return $sce.trustAsHtml(htmlCode);
}
}]);
in html:
<div ng-bind-html="question.body | sanitize"></div>
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 冷血范 的文章《AngularJS using $sce.trustAsHtml with ng-repeat》','https://www.manongdao.com/article-153828.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}