Angular 2 Bypassing Sanitizing for trusted values
Parameters
| Params | Details |
|---|---|
| selector | tag name you reference your component by in the html |
| template(templateUrl) | a string that represents html which will be inserted wherever the <selector> tag is. templateUrl is a path to an html file with the same behavior |
| pipes | an array of pipes that are used by this component. |
Remarks
SUPER IMPORTANT!
DISABLING SANITIZING LEAVES YOU AT RISK OF XSS (Cross-Site Scripting) AND OTHER ATTACK VECTORS. PLEASE MAKE SURE YOU TRUST WHAT YOU'RE GETTING 100%
Using Pipes relegates you to only changing attribute values like so :
<tag [attribute]="expression or variable reference | pipeName">
you are not able to use pipes this way :
<tag attribute="expression or variable reference | pipeName">
or this way
<tag attribute={{expression or variable reference | pipeName}}
