Is possible Sanitize on Angular2 a HTML string allowing certaing tags?

问题

I am sanitizing the current html (string value), I want to know if is possible only allow certains attributes. In this example the string only should keep the "id" attribute. Like this:

<h1 id="header">DomSanitizer</h1><script>ourSafeCode()</script>');

This is an example of my component.

import {BrowserModule, DomSanitizer} from '@angular/platform-browser'

@Component({
    selector: 'my-app',
    template: `
        <div [innerHtml]="html"></div>
    `,
    })
    export class App {
    constructor(private sanitizer: DomSanitizer) {
        this.html = sanitizer.bypassSecurityTrustHtml('<h1 id="header" class="headerClass" style="background-color: red" >DomSanitizer</h1><script>ourSafeCode()</script>') ;
    }
}

But instead I am getting all the attributes from the string, I was thiking on a regular expersion o something like that. But I want to know if I can filter the attributes (I am noob).

来源：https://stackoverflow.com/questions/42685118/is-possible-sanitize-on-angular2-a-html-string-allowing-certaing-tags

标签

javascript

html

angular

sanitization

html-sanitizing

易学教程内所有资源均来自网络或用户发布的内容，如有违反法律规定的内容欢迎反馈！
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!