How to render string with html tags in Angular 4+? [duplicate]

About

Asked 27/2, 2018 at 16:15 Answered 27/2, 2018 at 16:20

342

In my angular 4 app, I have a string like

comment: string;
comment = "<p><em><strong>abc</strong></em></p>";

When I serve this text in my html, like

{{comment}}

Then it displays:

<p><em><strong>abc</strong></em></p>

But I need to display the text "abc" in bold and italic form, like abc

How can I do this?

Taught answered 27/2, 2018 at 16:15 Comment(0)

760

Use one way flow syntax property binding:

<div [innerHTML]="comment"></div>

From angular docs: "Angular recognizes the value as unsafe and automatically sanitizes it, which removes the <script> tag but keeps safe content such as the <b> element."

Firry answered 27/2, 2018 at 16:20 Comment(13)

In Angular front-end, using [innerHTML] may lead to security faults, and thus should be disallowed. angular.io/guide/security. – Cota 28/12, 2018 at 9:32

@HongNguyen As I understand it, I think that article you shared explains that it is safer to use [innerHTML]. Check the live example. – Debauchee 8/1, 2019 at 1:40

Thanks, but when my HTML be render, the string html generated, show as string, not Input or something like that. what should I do? – Yenta 4/3, 2019 at 14:10

FYI from angular docs: "Angular recognizes the value ([innerHtml]) as unsafe and automatically sanitizes it, which removes the <script> tag but keeps safe content such as the <b> element." – Outgo 4/6, 2019 at 3:56

can i open it in external browser... my inner html is link, i need to when click it open external browser new page. ? how can i do it, my anguler app , run using jx browser. – Toilworn 12/8, 2020 at 15:38

@Toilworn yes if your innerhtml has <a target="_blank" href="google.com">Click here</a> tag. This should work – Esteban 18/2, 2021 at 6:27

this has a drawback: it won't apply css styles to the tags that are in the component css – Noctambulism 6/2, 2022 at 19:46

@Noctambulism you can add css styles by adding "encapsulation: ViewEncapsulation.None," to your Component. More info here: #44211286 – Exit 30/6, 2022 at 14:45

Adding ng-bind-html="value" helped me. – Displant 18/8, 2022 at 0:11

For simple html content we can use directly <div [innerHtml]="htmlContent"></div>, But if you want to use complex html and styles need to use the safeHtml pipes like this <div id="previewDoc" [innerHTML]="previewDoc | safeHtml" class="preview"></div> and we need to create the safeHtml pipe. – Throne 15/9, 2022 at 4:1

@HongNguyen useless comment. disallow and HOW to do that? if projects ask us to do it, what is replacement then? – Ratchford 22/2, 2023 at 3:51

@AylaWinters, It is not advisable to use "encapsulation: ViewEncapsulation.None" as it affects your global styling which me result in disturbed CSS for other components as well – Tuscany 17/4, 2023 at 6:2

@Pipe({ name: "safeHtml" }) export class SafeHtmlPipe implements PipeTransform { constructor(private sanitizer: DomSanitizer) {} transform(value) { return this.sanitizer.bypassSecurityTrustHtml(value); } } – Elemental 22/1 at 21:30

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags