unsafe value used in a resource URL context











up vote
0
down vote

favorite












I'm new to Angular 6 and I'm getting this error:




"unsafe value used in a resource URL context (see
http://g.co/ng/security#xss)"




I have searched allot and found that to fix this issue need to create a pipe in angular which i did and created new pipe then changed code in html but still issue persists can any person guide me?



This is the error which I'm getting



Changed Iframe code as show below after creating new pipe: 



 <iframe src="http://localhost:8087/bim/api/v1/dashboardTree/{{companyId}} |safe"></iframe>


The code of the pipe:



import { Pipe, PipeTransform } from '@angular/core';

import { DomSanitizer } from '@angular/platform-browser';



@Pipe({

  name: 'tree'

})

export class TreePipe implements PipeTransform {



  constructor(private sanitizer: DomSanitizer) {}



  transform(url) {

    return this.sanitizer.bypassSecurityTrustResourceUrl(url);

}





node.js angular angular6







share|improve this question









New contributor




Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
























    up vote
    0
    down vote

    favorite












    I'm new to Angular 6 and I'm getting this error:




    "unsafe value used in a resource URL context (see
    http://g.co/ng/security#xss)"




    I have searched allot and found that to fix this issue need to create a pipe in angular which i did and created new pipe then changed code in html but still issue persists can any person guide me?



    This is the error which I'm getting



    Changed Iframe code as show below after creating new pipe: 



     <iframe src="http://localhost:8087/bim/api/v1/dashboardTree/{{companyId}} |safe"></iframe>


    The code of the pipe:



    import { Pipe, PipeTransform } from '@angular/core';
    
import { DomSanitizer } from '@angular/platform-browser';
    

    
@Pipe({
    
  name: 'tree'
    
})
    
export class TreePipe implements PipeTransform {
    

    
  constructor(private sanitizer: DomSanitizer) {}
    

    
  transform(url) {
    
    return this.sanitizer.bypassSecurityTrustResourceUrl(url);
    
}





    node.js angular angular6







    share|improve this question









    New contributor




    Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.






















      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      I'm new to Angular 6 and I'm getting this error:




      "unsafe value used in a resource URL context (see
      http://g.co/ng/security#xss)"




      I have searched allot and found that to fix this issue need to create a pipe in angular which i did and created new pipe then changed code in html but still issue persists can any person guide me?



      This is the error which I'm getting



      Changed Iframe code as show below after creating new pipe: 



       <iframe src="http://localhost:8087/bim/api/v1/dashboardTree/{{companyId}} |safe"></iframe>


      The code of the pipe:



      import { Pipe, PipeTransform } from '@angular/core';
      
import { DomSanitizer } from '@angular/platform-browser';
      

      
@Pipe({
      
  name: 'tree'
      
})
      
export class TreePipe implements PipeTransform {
      

      
  constructor(private sanitizer: DomSanitizer) {}
      

      
  transform(url) {
      
    return this.sanitizer.bypassSecurityTrustResourceUrl(url);
      
}





      node.js angular angular6







      share|improve this question









      New contributor




      Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      I'm new to Angular 6 and I'm getting this error:




      "unsafe value used in a resource URL context (see
      http://g.co/ng/security#xss)"




      I have searched allot and found that to fix this issue need to create a pipe in angular which i did and created new pipe then changed code in html but still issue persists can any person guide me?



      This is the error which I'm getting



      Changed Iframe code as show below after creating new pipe: 



       <iframe src="http://localhost:8087/bim/api/v1/dashboardTree/{{companyId}} |safe"></iframe>


      The code of the pipe:



      import { Pipe, PipeTransform } from '@angular/core';
      
import { DomSanitizer } from '@angular/platform-browser';
      

      
@Pipe({
      
  name: 'tree'
      
})
      
export class TreePipe implements PipeTransform {
      

      
  constructor(private sanitizer: DomSanitizer) {}
      

      
  transform(url) {
      
    return this.sanitizer.bypassSecurityTrustResourceUrl(url);
      
}





      node.js angular angular6




      node.js angular angular6






      share|improve this question









      New contributor




      Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      share|improve this question









      New contributor




      Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      share|improve this question




      share|improve this question








      edited yesterday









      Tân Nguyễn

      3,48932350




      3,48932350






      New contributor




      Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked yesterday









      Garg Jigasu

      13




      13




      New contributor




      Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.
























          1 Answer
          1






          active

          oldest

          votes

















          up vote
          0
          down vote













          src attribute is a string, a pipe isn't evaluated there. In order for it to be evaluated as an expression, it should be:



          <iframe [src]="('http://localhost:8087/bim/api/v1/dashboardTree/' + companyId) | safe"></iframe>


          Also, there's an inconsistency, the pipe is safe in one place and tree in another.






          share|improve this answer





















          • thank you for your reply issue is fixed thanks.
            – Garg Jigasu
            yesterday










          • You're welcome. Consider marking the answer as accepted if it solves the problem.
            – estus
            yesterday











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });






          Garg Jigasu is a new contributor. Be nice, and check out our Code of Conduct.










           

          draft saved


          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53349265%2funsafe-value-used-in-a-resource-url-context%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          up vote
          0
          down vote













          src attribute is a string, a pipe isn't evaluated there. In order for it to be evaluated as an expression, it should be:



          <iframe [src]="('http://localhost:8087/bim/api/v1/dashboardTree/' + companyId) | safe"></iframe>


          Also, there's an inconsistency, the pipe is safe in one place and tree in another.






          share|improve this answer





















          • thank you for your reply issue is fixed thanks.
            – Garg Jigasu
            yesterday










          • You're welcome. Consider marking the answer as accepted if it solves the problem.
            – estus
            yesterday















          up vote
          0
          down vote













          src attribute is a string, a pipe isn't evaluated there. In order for it to be evaluated as an expression, it should be:



          <iframe [src]="('http://localhost:8087/bim/api/v1/dashboardTree/' + companyId) | safe"></iframe>


          Also, there's an inconsistency, the pipe is safe in one place and tree in another.






          share|improve this answer





















          • thank you for your reply issue is fixed thanks.
            – Garg Jigasu
            yesterday










          • You're welcome. Consider marking the answer as accepted if it solves the problem.
            – estus
            yesterday













          up vote
          0
          down vote










          up vote
          0
          down vote









          src attribute is a string, a pipe isn't evaluated there. In order for it to be evaluated as an expression, it should be:



          <iframe [src]="('http://localhost:8087/bim/api/v1/dashboardTree/' + companyId) | safe"></iframe>


          Also, there's an inconsistency, the pipe is safe in one place and tree in another.






          share|improve this answer












          src attribute is a string, a pipe isn't evaluated there. In order for it to be evaluated as an expression, it should be:



          <iframe [src]="('http://localhost:8087/bim/api/v1/dashboardTree/' + companyId) | safe"></iframe>


          Also, there's an inconsistency, the pipe is safe in one place and tree in another.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered yesterday









          estus

          62.9k2193200




          62.9k2193200












          • thank you for your reply issue is fixed thanks.
            – Garg Jigasu
            yesterday










          • You're welcome. Consider marking the answer as accepted if it solves the problem.
            – estus
            yesterday


















          • thank you for your reply issue is fixed thanks.
            – Garg Jigasu
            yesterday










          • You're welcome. Consider marking the answer as accepted if it solves the problem.
            – estus
            yesterday
















          thank you for your reply issue is fixed thanks.
          – Garg Jigasu
          yesterday




          thank you for your reply issue is fixed thanks.
          – Garg Jigasu
          yesterday












          You're welcome. Consider marking the answer as accepted if it solves the problem.
          – estus
          yesterday




          You're welcome. Consider marking the answer as accepted if it solves the problem.
          – estus
          yesterday










          Garg Jigasu is a new contributor. Be nice, and check out our Code of Conduct.










           

          draft saved


          draft discarded


















          Garg Jigasu is a new contributor. Be nice, and check out our Code of Conduct.













          Garg Jigasu is a new contributor. Be nice, and check out our Code of Conduct.












          Garg Jigasu is a new contributor. Be nice, and check out our Code of Conduct.















           


          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53349265%2funsafe-value-used-in-a-resource-url-context%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Create new schema in PostgreSQL using DBeaver

          Image
          0 At the beginning of my current job I had limited access to DB but recently my role is changed to superuser, admin, and owner. My colleague who was the previous DB admin is able to create a schema or change the permissions as there is a permission tab in the properties and he can change permissions by clicking easily. Would you please let me know how I can create schema and change permissions as well? Why his dbeaver looks different from me? He can easily right click on the schema folder on top of all schemas on the left side column and select create new schema while I do not have that, like the following picture I found on the internet. postgresql database-schema dbeaver share | improve this question
          Read more

          Deepest pit of an array with Javascript: test on Codility

          Image
          0 $begingroup$ This is the question from a Codility test, as a task in an interview: DeepestPit - problem description A non-empty zero-indexed array A consisting of N integers is given. A pit in this array is any triplet of integers (P, Q, R) such that: ·         0 ≤ P < Q < R < N; ·         sequence [A[P], A[P+1], ..., A[Q]] is strictly decreasing, i.e. A[P] > A[P+1] > ... > A[Q]; ·         sequence A[Q], A[Q+1], ..., A[R] is strictly increasing, i.e. A[Q] < A[Q+1] < ... < A[R]. The depth of a pit (P, Q, R) is the number min {A[P] − A[Q], A[R] − A[Q]}. For example, consider array A consisting of 10 elements such that: A[0] = 0 A[1] = 1 A[2] = 3 A[3] = -2 A[4] = 0 A[5] = 1 A[6] = 0 A[7] = -3 A[8] = 2 A[9] = 3 Triplet (2, 3, 4) is
          Read more

          Costa Masnaga

          Image
          .mw-parser-output .avviso .mbox-text-div>div,.mw-parser-output .avviso .mbox-text-full-div>div{font-size:90%}.mw-parser-output .avviso .mbox-image div{width:52px}.mw-parser-output .avviso .mbox-text-full-div .hide-when-compact{display:block} Questa voce o sezione sull'argomento Lombardia non cita le fonti necessarie o quelle presenti sono insufficienti . Puoi migliorare questa voce aggiungendo citazioni da fonti attendibili secondo le linee guida sull'uso delle fonti. Segui i suggerimenti del progetto di riferimento. Costa Masnaga comune Localizzazione Stato   Italia Regione Lombardia Provincia Lecco Amministrazione Sindaco Sabina Panzeri (Al centro il cittadino) dall'08/06/2009 Territorio Coordinate 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Coordinate: 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Altitudine 318 m s.l.m
          Read more