From 9bdd439c37ea089b1d822e9df9be9012ca15a200 Mon Sep 17 00:00:00 2001
From: masumulu28
Date: Thu, 23 Mar 2023 10:19:51 +0300
Subject: [PATCH] html content sanitized via safe-html pipe
---
 npm/ng-packs/packages/core/src/lib/core.module.ts | 3 +++
 npm/ng-packs/packages/core/src/lib/pipes/index.ts | 1 +
 .../packages/core/src/lib/pipes/safe-html.pipe.ts | 13 +++++++++++++
 .../page-alert-container.component.html | 6 ++++--
 4 files changed, 21 insertions(+), 2 deletions(-)
 create mode 100644 npm/ng-packs/packages/core/src/lib/pipes/safe-html.pipe.ts
diff --git a/npm/ng-packs/packages/core/src/lib/core.module.ts b/npm/ng-packs/packages/core/src/lib/core.module.ts
index e3cd895022..9655be6c5f 100644
--- a/npm/ng-packs/packages/core/src/lib/core.module.ts
+++ b/npm/ng-packs/packages/core/src/lib/core.module.ts
@@ -33,6 +33,7 @@ import { getInitialData, localeInitializer } from './utils/initial-utils';
 import { ShortDateTimePipe } from './pipes/short-date-time.pipe';
 import { ShortTimePipe } from './pipes/short-time.pipe';
 import { ShortDatePipe } from './pipes/short-date.pipe';
+import { SafeHtmlPipe } from './pipes/safe-html.pipe';
 import { QUEUE_MANAGER } from './tokens/queue.token';
 import { DefaultQueueManager } from './utils/queue';
 import { IncludeLocalizationResourcesProvider } from './providers/include-localization-resources.provider';
@@ -63,6 +64,7 @@ import { IncludeLocalizationResourcesProvider } from './providers/include-locali
 ReplaceableTemplateDirective,
 RouterOutletComponent,
 SortPipe,
+ SafeHtmlPipe,
 StopPropagationDirective,
 ToInjectorPipe,
 ShortDateTimePipe,
@@ -90,6 +92,7 @@ import { IncludeLocalizationResourcesProvider } from './providers/include-locali
 ReplaceableTemplateDirective,
 RouterOutletComponent,
 SortPipe,
+ SafeHtmlPipe,
 StopPropagationDirective,
 ToInjectorPipe,
 ShortDateTimePipe,
diff --git a/npm/ng-packs/packages/core/src/lib/pipes/index.ts b/npm/ng-packs/packages/core/src/lib/pipes/index.ts
index 71ce383cd3..1a981ca041 100644
--- a/npm/ng-packs/packages/core/src/lib/pipes/index.ts
+++ b/npm/ng-packs/packages/core/src/lib/pipes/index.ts
@@ -1,4 +1,5 @@
 export * from './localization.pipe';
+export * from './safe-html.pipe';
 export * from './sort.pipe';
 export * from './to-injector.pipe';
 export * from './short-date.pipe';
diff --git a/npm/ng-packs/packages/core/src/lib/pipes/safe-html.pipe.ts b/npm/ng-packs/packages/core/src/lib/pipes/safe-html.pipe.ts
new file mode 100644
index 0000000000..c8445e8390
--- /dev/null
+++ b/npm/ng-packs/packages/core/src/lib/pipes/safe-html.pipe.ts
@@ -0,0 +1,13 @@
+import { inject, Injectable, Pipe, PipeTransform, SecurityContext } from '@angular/core';
+import { DomSanitizer } from '@angular/platform-browser';
+
+@Injectable()
+@Pipe({ name: 'abpSafeHtml' })
+export class SafeHtmlPipe implements PipeTransform {
+ private readonly sanitizer = inject(DomSanitizer);
+
+ transform(value: string): string {
+ if (typeof value !== 'string') return '';
+ return this.sanitizer.sanitize(SecurityContext.HTML, value);
+ }
+}
diff --git a/npm/ng-packs/packages/theme-basic/src/lib/components/page-alert-container/page-alert-container.component.html b/npm/ng-packs/packages/theme-basic/src/lib/components/page-alert-container/page-alert-container.component.html
index 0cc1e2bf28..914e803f95 100644
--- a/npm/ng-packs/packages/theme-basic/src/lib/components/page-alert-container/page-alert-container.component.html
+++ b/npm/ng-packs/packages/theme-basic/src/lib/components/page-alert-container/page-alert-container.component.html
@@ -7,9 +7,11 @@
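Review bot: In the new `safe-html.pipe.ts`, `transform` is declared to return `string`, but `DomSanitizer.sanitize` returns `string | null`, so the last statement can hand `null` to callers and would not type-check under `strictNullChecks`; `return this.sanitizer.sanitize(SecurityContext.HTML, value) ?? '';` keeps the declared contract. Because `SafeHtml` is also the name of Angular's trusted-value type produced by `bypassSecurityTrustHtml`, a class comment would prevent misreading, for example `/** Sanitizes untrusted HTML for the HTML security context; never marks a value as trusted. */`. The `typeof value !== 'string'` guard suggests call sites may pass non-strings, so typing the parameter as `string | null | undefined` would describe the accepted input more honestly. How the pipe is bound in the page-alert template is not visible in this view, so whether the sanitized string reaches the DOM through `[innerHTML]` should be confirmed there.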

- +