25

When Angular interpolates markup and inserts scoped variables into a {{post}} style template, it escapes HTML.

The application I'm building requires users to create the templates, using curly brace notation to insert variable names, I don't want to overcomplicate it by bringing in directives for some variables and curlies for others.

Is there a way to render non escaped HTML through curly templates?

My only alternative is to render a proxy element when the user attempts to render {{post}}, which I can then grab with jQLite and insert the HTML by hand, but that is all shades of messy. Any ideas?

Improve this question
2
  • 5
    I don't think there is (for what that's worth); but what you might do is replace {{post}} by something like <span ng-bind-html="post"></span> when you process the template. Be sure not to open yourself up to injection attacks, although that's more a risk if you use ng-bind-html-unsafe since ng-bind-html still does some sanitizing. Commented Dec 26, 2013 at 8:02
  • 1
    possible duplicate of AngularJS: Insert HTML from a string Commented May 12, 2015 at 0:59

1 Answer 1

Reset to default
23

Your going to want to look at ngBindHtml.

"To utilize this functionality, ensure that $sanitize is available, for example, by including ngSanitize in your module's dependencies (not in core Angular.)"

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

It overrides everything inside the element as well. Where with filter i could have done this, Hi, today you are feeling {{ ':happy_face:' | emoji }}

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.