
$sanitize

service in module ngSanitize

Description

The input is sanitized by parsing the HTML into tokens. All safe tokens (from a whitelist) are then serialized back to a properly escaped HTML string. This means that no unsafe input can make it into the returned string. However, because our parser is stricter than a typical browser parser, some obscure input that a browser would recognize as valid HTML may not make it through the sanitizer. The whitelist is configured using the functions aHrefSanitizationWhitelist and imgSrcSanitizationWhitelist of $compileProvider.

Usage

  $sanitize(html);

Parameters

Param | Type | Details
html | string | HTML input.

Returns

string | Sanitized HTML.

Example
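
The tokenize, whitelist and re-serialize approach from the Description, as a standalone JavaScript model added here for illustration; it is not the ngSanitize source and not code from the original page. The tag list, the href pattern and the name sanitizeSketch are assumptions made for this example, and input that fails its strict tag grammar is escaped as text rather than parsed.

```javascript
// Simplified model of a token/whitelist sanitizer (not the ngSanitize source).
// SAFE_TAGS and SAFE_HREF are assumptions chosen for this example.
const SAFE_TAGS = new Set(['b', 'i', 'em', 'strong', 'p', 'br', 'a']);
const VOID_TAGS = new Set(['br']);
const SAFE_HREF = /^(?:https?|mailto):/i;
// Strict tag grammar: names plus double-quoted attributes only.
const TOKEN = /<(\/?)([a-zA-Z][a-zA-Z0-9]*)((?:\s+[a-zA-Z-]+="[^"<>]*")*)\s*\/?>/g;
const ATTR = /([a-zA-Z-]+)="([^"<>]*)"/g;
const ESCAPES = { '<': '&lt;', '>': '&gt;', '"': '&quot;' };

// Escape markup characters; existing entities are kept, bare '&' is encoded.
function escapeHtml(s) {
  return s
    .replace(/&(?![a-zA-Z]+;|#\d+;|#x[0-9a-fA-F]+;)/g, '&amp;')
    .replace(/[<>"]/g, (c) => ESCAPES[c]);
}

function sanitizeSketch(html) {
  let out = '';
  let last = 0;
  const open = []; // stack of emitted, still-open elements
  for (const m of html.matchAll(TOKEN)) {
    out += escapeHtml(html.slice(last, m.index)); // text before this tag
    last = m.index + m[0].length;
    const tag = m[2].toLowerCase();
    if (!SAFE_TAGS.has(tag)) continue; // not whitelisted: drop the token
    if (m[1] === '/') {
      // Emit a close tag only when it matches the innermost open element.
      if (open[open.length - 1] === tag) out += `</${open.pop()}>`;
      continue;
    }
    let attrs = ''; // every attribute is dropped except a vetted href on <a>
    if (tag === 'a') {
      for (const [, name, value] of m[3].matchAll(ATTR)) {
        if (name.toLowerCase() === 'href' && SAFE_HREF.test(value)) {
          attrs = ` href="${escapeHtml(value)}"`;
        }
      }
    }
    out += `<${tag}${attrs}>`;
    if (!VOID_TAGS.has(tag)) open.push(tag);
  }
  out += escapeHtml(html.slice(last)); // trailing text
  while (open.length) out += `</${open.pop()}>`; // balance unclosed elements
  return out;
}

// Constructed sample input.
console.log(sanitizeSketch('<p onclick="evil()">Hi <a href="javascript:x">there</a></p>'));
```

In this model the text content of a dropped element (for example the body of a script tag) is kept as inert escaped text.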
