How to use DOMSANITIZER(bypassSecurityTrustUrl) while calling the API
Getting XSS vulnerabilities while calling the API for fetching the data. So trying to add DOMSANITIZER, but its failing. Tried below code, please suggest me the solution.
this.http.get(this.domSanitizer.bypassSecurityTrustUrl(dataUrl),{headers:headers}).subscribe(response => {
this.persons = response.data.map(x=>({...x,check:false,test:x.firstName}));
this.dtTrigger.next();
});
Solution
You can use DOMSANITIZER while using the API in following way.
- Import these:
import { Component, OnInit, ViewChild, SecurityContext, } from '@angular/core'; import {DomSanitizer} from '@angular/platform-browser';
- Use this below code in your project where you are using this:
const dataUrl = this.domSanitizer.sanitize( SecurityContext.RESOURCE_URL, this.domSanitizer.bypassSecurityTrustResourceUrl( 'https://raw.githubusercontent.com/l-lin/angular-datatables/master/demo/src/data/data.json' ) ); this.http.get(dataUrl).subscribe((response) => { this.persons = response.data.map((x) => ({ ...x, check: false, test: x.firstName, })); this.dtTrigger.next(); });
Important:
This code is working on your stackblitz url.
I have also save it and you can go there to check it. https://stackblitz.com/edit/column-names-as-tooltip-wcw1f7?file=app%2Fapp.component.ts
- Template reference variable returns undefined inside ng-template
- How to modify data in an angular component when using async pipe
- Using ASP.NET MVC with Angular 2 RC 6 (Final)
- Losing reference to this in async function inside subscribe
- punycode is deprecated in npm - what should I replace it with?
- Enable to retrieve data initialize by a dispatched action when the component is mounted
- How do I implement paging (JwPaginationModule) in my Ionic app?
- Accessing Angular Typed Form Property from a FormArray in the HTML Template
- How to Integrate Monaco Editor in an Angular 16 Nx Project?
- Hide that website has been made with Angular
- Angular: 7.2.1 ES6 class ReferenceError : Cannot access 'X' before initialization
- How to use Observable to emit each value from an array after every 1 second(Angular 5)?
- Angular Directive - Change color of button on hover
- Why does CSP script-src unsafe-inline induce styling issues on my Angular webapp?
- Angular 8 ngFor not binding
- Is there a simple way to display a countdown to datetime in Angular?
- Variable Change Detection - Angular
- Creating a list of checkboxes with ngFor Angular
- Angular 4 Error: No provider for HttpClient
- How to reactively deal with a dynamic form in Angular Reactive Forms?
- How to populate a form from a list to update in Angular2?
- Type casting within a template in Angular 2
- How to replace ::ng-deep in Angular Material 15
- in Angular2 how to know when ANY form input field lost focus
- How do I get the index of object in array using angular?
- Angular FormGroup in Storybook: Converting circular structure to JSON
- Angular Reactive Form - ng-select in form array works remotely but fails when it's online
- IIS port numbers vs VS2022 port numbers
- Input File onchange event not firing
- How to resolve the PUT 422 (Unprocessable Content) error