unsafe value used in a resource URL context











up vote
0
down vote

favorite












I'm new to Angular 6 and I'm getting this error:




"unsafe value used in a resource URL context (see
http://g.co/ng/security#xss)"




I have searched allot and found that to fix this issue need to create a pipe in angular which i did and created new pipe then changed code in html but still issue persists can any person guide me?



This is the error which I'm getting



Changed Iframe code as show below after creating new pipe: 



 <iframe src="http://localhost:8087/bim/api/v1/dashboardTree/{{companyId}} |safe"></iframe>


The code of the pipe:



import { Pipe, PipeTransform } from '@angular/core';

import { DomSanitizer } from '@angular/platform-browser';



@Pipe({

  name: 'tree'

})

export class TreePipe implements PipeTransform {



  constructor(private sanitizer: DomSanitizer) {}



  transform(url) {

    return this.sanitizer.bypassSecurityTrustResourceUrl(url);

}





node.js angular angular6







share|improve this question









New contributor




Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
























    up vote
    0
    down vote

    favorite












    I'm new to Angular 6 and I'm getting this error:




    "unsafe value used in a resource URL context (see
    http://g.co/ng/security#xss)"




    I have searched allot and found that to fix this issue need to create a pipe in angular which i did and created new pipe then changed code in html but still issue persists can any person guide me?



    This is the error which I'm getting



    Changed Iframe code as show below after creating new pipe: 



     <iframe src="http://localhost:8087/bim/api/v1/dashboardTree/{{companyId}} |safe"></iframe>


    The code of the pipe:



    import { Pipe, PipeTransform } from '@angular/core';
    
import { DomSanitizer } from '@angular/platform-browser';
    

    
@Pipe({
    
  name: 'tree'
    
})
    
export class TreePipe implements PipeTransform {
    

    
  constructor(private sanitizer: DomSanitizer) {}
    

    
  transform(url) {
    
    return this.sanitizer.bypassSecurityTrustResourceUrl(url);
    
}





    node.js angular angular6







    share|improve this question









    New contributor




    Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.






















      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      I'm new to Angular 6 and I'm getting this error:




      "unsafe value used in a resource URL context (see
      http://g.co/ng/security#xss)"




      I have searched allot and found that to fix this issue need to create a pipe in angular which i did and created new pipe then changed code in html but still issue persists can any person guide me?



      This is the error which I'm getting



      Changed Iframe code as show below after creating new pipe: 



       <iframe src="http://localhost:8087/bim/api/v1/dashboardTree/{{companyId}} |safe"></iframe>


      The code of the pipe:



      import { Pipe, PipeTransform } from '@angular/core';
      
import { DomSanitizer } from '@angular/platform-browser';
      

      
@Pipe({
      
  name: 'tree'
      
})
      
export class TreePipe implements PipeTransform {
      

      
  constructor(private sanitizer: DomSanitizer) {}
      

      
  transform(url) {
      
    return this.sanitizer.bypassSecurityTrustResourceUrl(url);
      
}





      node.js angular angular6







      share|improve this question









      New contributor




      Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      I'm new to Angular 6 and I'm getting this error:




      "unsafe value used in a resource URL context (see
      http://g.co/ng/security#xss)"




      I have searched allot and found that to fix this issue need to create a pipe in angular which i did and created new pipe then changed code in html but still issue persists can any person guide me?



      This is the error which I'm getting



      Changed Iframe code as show below after creating new pipe: 



       <iframe src="http://localhost:8087/bim/api/v1/dashboardTree/{{companyId}} |safe"></iframe>


      The code of the pipe:



      import { Pipe, PipeTransform } from '@angular/core';
      
import { DomSanitizer } from '@angular/platform-browser';
      

      
@Pipe({
      
  name: 'tree'
      
})
      
export class TreePipe implements PipeTransform {
      

      
  constructor(private sanitizer: DomSanitizer) {}
      

      
  transform(url) {
      
    return this.sanitizer.bypassSecurityTrustResourceUrl(url);
      
}





      node.js angular angular6




      node.js angular angular6






      share|improve this question









      New contributor




      Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      share|improve this question









      New contributor




      Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      share|improve this question




      share|improve this question








      edited yesterday









      Tân Nguyễn

      3,48932350




      3,48932350






      New contributor




      Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked yesterday









      Garg Jigasu

      13




      13




      New contributor




      Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      Garg Jigasu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.
























          1 Answer
          1






          active

          oldest

          votes

















          up vote
          0
          down vote













          src attribute is a string, a pipe isn't evaluated there. In order for it to be evaluated as an expression, it should be:



          <iframe [src]="('http://localhost:8087/bim/api/v1/dashboardTree/' + companyId) | safe"></iframe>


          Also, there's an inconsistency, the pipe is safe in one place and tree in another.






          share|improve this answer





















          • thank you for your reply issue is fixed thanks.
            – Garg Jigasu
            yesterday










          • You're welcome. Consider marking the answer as accepted if it solves the problem.
            – estus
            yesterday











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });






          Garg Jigasu is a new contributor. Be nice, and check out our Code of Conduct.










           

          draft saved


          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53349265%2funsafe-value-used-in-a-resource-url-context%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          up vote
          0
          down vote













          src attribute is a string, a pipe isn't evaluated there. In order for it to be evaluated as an expression, it should be:



          <iframe [src]="('http://localhost:8087/bim/api/v1/dashboardTree/' + companyId) | safe"></iframe>


          Also, there's an inconsistency, the pipe is safe in one place and tree in another.






          share|improve this answer





















          • thank you for your reply issue is fixed thanks.
            – Garg Jigasu
            yesterday










          • You're welcome. Consider marking the answer as accepted if it solves the problem.
            – estus
            yesterday















          up vote
          0
          down vote













          src attribute is a string, a pipe isn't evaluated there. In order for it to be evaluated as an expression, it should be:



          <iframe [src]="('http://localhost:8087/bim/api/v1/dashboardTree/' + companyId) | safe"></iframe>


          Also, there's an inconsistency, the pipe is safe in one place and tree in another.






          share|improve this answer





















          • thank you for your reply issue is fixed thanks.
            – Garg Jigasu
            yesterday










          • You're welcome. Consider marking the answer as accepted if it solves the problem.
            – estus
            yesterday













          up vote
          0
          down vote










          up vote
          0
          down vote









          src attribute is a string, a pipe isn't evaluated there. In order for it to be evaluated as an expression, it should be:



          <iframe [src]="('http://localhost:8087/bim/api/v1/dashboardTree/' + companyId) | safe"></iframe>


          Also, there's an inconsistency, the pipe is safe in one place and tree in another.






          share|improve this answer












          src attribute is a string, a pipe isn't evaluated there. In order for it to be evaluated as an expression, it should be:



          <iframe [src]="('http://localhost:8087/bim/api/v1/dashboardTree/' + companyId) | safe"></iframe>


          Also, there's an inconsistency, the pipe is safe in one place and tree in another.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered yesterday









          estus

          62.9k2193200




          62.9k2193200












          • thank you for your reply issue is fixed thanks.
            – Garg Jigasu
            yesterday










          • You're welcome. Consider marking the answer as accepted if it solves the problem.
            – estus
            yesterday


















          • thank you for your reply issue is fixed thanks.
            – Garg Jigasu
            yesterday










          • You're welcome. Consider marking the answer as accepted if it solves the problem.
            – estus
            yesterday
















          thank you for your reply issue is fixed thanks.
          – Garg Jigasu
          yesterday




          thank you for your reply issue is fixed thanks.
          – Garg Jigasu
          yesterday












          You're welcome. Consider marking the answer as accepted if it solves the problem.
          – estus
          yesterday




          You're welcome. Consider marking the answer as accepted if it solves the problem.
          – estus
          yesterday










          Garg Jigasu is a new contributor. Be nice, and check out our Code of Conduct.










           

          draft saved


          draft discarded


















          Garg Jigasu is a new contributor. Be nice, and check out our Code of Conduct.













          Garg Jigasu is a new contributor. Be nice, and check out our Code of Conduct.












          Garg Jigasu is a new contributor. Be nice, and check out our Code of Conduct.















           


          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53349265%2funsafe-value-used-in-a-resource-url-context%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Costa Masnaga

          Image
          .mw-parser-output .avviso .mbox-text-div>div,.mw-parser-output .avviso .mbox-text-full-div>div{font-size:90%}.mw-parser-output .avviso .mbox-image div{width:52px}.mw-parser-output .avviso .mbox-text-full-div .hide-when-compact{display:block} Questa voce o sezione sull'argomento Lombardia non cita le fonti necessarie o quelle presenti sono insufficienti . Puoi migliorare questa voce aggiungendo citazioni da fonti attendibili secondo le linee guida sull'uso delle fonti. Segui i suggerimenti del progetto di riferimento. Costa Masnaga comune Localizzazione Stato   Italia Regione Lombardia Provincia Lecco Amministrazione Sindaco Sabina Panzeri (Al centro il cittadino) dall'08/06/2009 Territorio Coordinate 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Coordinate: 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Altitudine 318 m s.l.m...
          Read more

          Fotorealismo

          Image
          Guerrino Boatto, Venice's St. Barnaba Church and canal Il fotorealismo è un genere di pittura basato sull'uso di una o più fotografie dalle quali l'artista prende le informazioni necessarie da utilizzare poi nel processo della creazione dell'opera, in genere ad olio o ad acrilico, al fine di avere un aspetto finale il più simile possibile alla fotografia. Indice 1 Storia 2 Lista dei fotorealisti 3 Note 4 Voci correlate 5 Altri progetti Storia | Il fotorealismo è un movimento che nasce negli Stati Uniti d'America alla fine degli anni sessanta [1] sulla scia della Pop Art [2] [3] [4] , e insieme condividono il carattere reazionario verso la travolgente ascesa dei media, che alla metà del ventesimo secolo si trasforma in un fenomeno di massa talmente imponente da minacciare il valore dell'immagine nell'arte. [5] [6] Ne consegue così che, colto il gesto d'inizio che fu della Pop Art, i fotorealisti aprono ad un ...
          Read more

          Sidney Franklin

          Image
          Questa voce sull'argomento registi statunitensi è solo un abbozzo . Contribuisci a migliorarla secondo le convenzioni di Wikipedia. Sidney Franklin, foto di Carl Van Vechten Oscar alla memoria Irving G. Thalberg 1943 Sidney Franklin , all'anagrafe Sidney Arnold Franklin , (San Francisco, 21 marzo 1893 – Santa Monica, 18 maggio 1972), è stato un regista, produttore cinematografico e attore statunitense. Il 20 giugno 1963, si sposò con l'attrice australiana Enid Bennett. Il matrimonio durò fino alla morte dell'attrice, il 14 maggio 1969 [1] Indice 1 Filmografia 1.1 Regista 1.2 Aiuto regia (parziale) 1.3 Produttore 1.4 Attore (parziale) 2 Note 3 Altri progetti 4 Collegamenti esterni Filmografia | Regista | The Baby , co-regia Chester M. Franklin (1915) The Rivals , co-regia Chester M. Franklin (1915) Little Dick's First Case , co-regia Chester M. Franklin (1915) Her Filmland Hero , co-...
          Read more