Issue
Since upgrading to the latest Angular 2 release candidate, my img tags:
<img class='photo-img' [hidden]="!showPhoto1" src='{{theMediaItem.photoURL1}}'>
are throwing a browser error:
ORIGINAL EXCEPTION: Error: unsafe value used in a resource URL context
The value of the url is:
http://veeu-images.s3.amazonaws.com/media/userphotos/116_1464645173408_cdv_photo_007.jpg
EDIT:
I have tried the suggestion made in the other solution that this question is supposed to be a duplicate of but I am getting the same error.
I have added the following code to the controller:
import {DomSanitizationService} from '@angular/platform-browser';
@Component({
templateUrl: 'build/pages/veeu/veeu.html'
})
export class VeeUPage {
static get parameters() {
return [[NavController], [App], [MenuController], [DomSanitizationService]];
}
constructor(nav, app, menu, sanitizer) {
this.app = app;
this.nav = nav;
this.menu = menu;
this.sanitizer = sanitizer;
this.theMediaItem.photoURL1 = this.sanitizer.bypassSecurityTrustUrl(this.mediaItems[1].url);
}
I am still getting the same error message.
EDIT2:
I have also changed the html to:
<img class='photo-img' [hidden]="!showPhoto1" [src]='theMediaItem.photoURL1'>
I still get the same error message
Solution
I'm using rc.4 and this method works for ES2015(ES6):
import {DomSanitizationService} from '@angular/platform-browser';
@Component({
templateUrl: 'build/pages/veeu/veeu.html'
})
export class VeeUPage {
static get parameters() {
return [NavController, App, MenuController, DomSanitizationService];
}
constructor(nav, app, menu, sanitizer) {
this.app = app;
this.nav = nav;
this.menu = menu;
this.sanitizer = sanitizer;
}
photoURL() {
return this.sanitizer.bypassSecurityTrustUrl(this.mediaItems[1].url);
}
}
In the HTML:
<iframe [src]='photoURL()' width="640" height="360" frameborder="0"
webkitallowfullscreen mozallowfullscreen allowfullscreen>
</iframe>
Using a function will ensure that the value doesn't change after you sanitize it. Also be aware that the sanitization function you use depends on the context.
For images, bypassSecurityTrustUrl will work but for other uses you need to refer to the documentation:
https://angular.io/docs/ts/latest/api/platform-browser/index/DomSanitizer-class.html
Answered By - elkelk
0 comments:
Post a Comment
Note: Only a member of this blog may post a comment.