I have a JSON file with data. In each object I've got a field the "description" with HTML tags, style, and text like this:
<div>__localname__</div>
<div style="color: #555; margin-top:2px; margin-left:10px;"><div style="display:inline; color:#d34319 ">[DV]</div> Проверка домена (выдача от 5 минут)</div>
<div style="color: #555; margin-top:2px; margin-left:10px;">Защищает домен с www и без www (указывайте при заказе домен с www, например www.domain.ru)</div>
<div style="color: #555; margin-top:2px; margin-left:10px;">Гарантия 10000$</div>
I want to show this styled data on hover The problem is that Title ([attr.title] or Title, or [title]) doesn't show div's styles and browser recommends me to visit this link http://g.co/ng/security#xss
I'm using Pipe with DomSanitizer:
@Pipe({ name: 'safeHtml'})
export class SafeHtmlPipe implements PipeTransform {
constructor(private sanitized: DomSanitizer) {}
transform(value: any) {
return this.sanitized.bypassSecurityTrustHtml(value);
}
}
This is how I get data:
1) I get JSON
getPriceList() {
return this.httpGet('./ssl.json');
}
2) make it visible on web page
ngOnInit() {
this.appService.getPriceList().subscribe(data => {
this.pricelist = data.pricelist;
});
}
3) Html, where i want to show styled "Title" on Hover
<tbody>
<tr *ngFor="let item of pricelist">
<td>
<a data-toggle="tooltip" data-html="true"
title="{{item.description|safeHtml}}">
{{ item.name }}
</a>
</td>
<td> от {{ item.price.period[0].cost }} {{ item.price.currency }}</td>
<td> <div [innerHTML]='item.description | safeHtml'></div> </td>
</tr>
</tbody>
[innerHTML] works fine, but Title don't... How to make it work with data from JSON file?
Here is screenshot with the error: https://yadi.sk/i/uieFFCfa3BMq4v