自从升级到最新的 Angular 2 候选版本后,我的 img 标签:
<img class='photo-img' [hidden]="!showPhoto1" src='{{theMediaItem.photoURL1}}'>
正在抛出浏览器错误:
ORIGINAL EXCEPTION: Error: unsafe value used in a resource URL context
url 的值为:
http://veeu-images.s3.amazonaws.com/media/userphotos/116_1464645173408_cdv_photo_007.jpg
编辑:
我已经尝试过在另一个解决方案中提出的建议,这个问题应该是重复的,但我得到了同样的错误。
我在 Controller 中添加了以下代码:
import {DomSanitizationService} from '@angular/platform-browser';
@Component({
templateUrl: 'build/pages/veeu/veeu.html'
})
export class VeeUPage {
static get parameters() {
return [[NavController], [App], [MenuController], [DomSanitizationService]];
}
constructor(nav, app, menu, sanitizer) {
this.app = app;
this.nav = nav;
this.menu = menu;
this.sanitizer = sanitizer;
this.theMediaItem.photoURL1 = this.sanitizer.bypassSecurityTrustUrl(this.mediaItems[1].url);
}
我仍然收到相同的错误消息。
编辑 2:
我还将 html 更改为:
<img class='photo-img' [hidden]="!showPhoto1" [src]='theMediaItem.photoURL1'>
我仍然收到相同的错误消息
最佳答案
管道
// Angular
import { Pipe, PipeTransform } from '@angular/core';
import { DomSanitizer, SafeHtml, SafeStyle, SafeScript, SafeUrl, SafeResourceUrl } from '@angular/platform-browser';
/**
* Sanitize HTML
*/
@Pipe({
name: 'safe'
})
export class SafePipe implements PipeTransform {
/**
* Pipe Constructor
*
* @param _sanitizer: DomSanitezer
*/
// tslint:disable-next-line
constructor(protected _sanitizer: DomSanitizer) {
}
/**
* Transform
*
* @param value: string
* @param type: string
*/
transform(value: string, type: string): SafeHtml | SafeStyle | SafeScript | SafeUrl | SafeResourceUrl {
switch (type) {
case 'html':
return this._sanitizer.bypassSecurityTrustHtml(value);
case 'style':
return this._sanitizer.bypassSecurityTrustStyle(value);
case 'script':
return this._sanitizer.bypassSecurityTrustScript(value);
case 'url':
return this._sanitizer.bypassSecurityTrustUrl(value);
case 'resourceUrl':
return this._sanitizer.bypassSecurityTrustResourceUrl(value);
default:
return this._sanitizer.bypassSecurityTrustHtml(value);
}
}
}
模板
{{ data.url | safe:'url' }}
就是这样!
注意:你不应该需要它,但这里是管道的组件使用
// Public properties
itsSafe: SafeHtml;
// Private properties
private safePipe: SafePipe = new SafePipe(this.domSanitizer);
/**
* Component constructor
*
* @param safePipe: SafeHtml
* @param domSanitizer: DomSanitizer
*/
constructor(private safePipe: SafePipe, private domSanitizer: DomSanitizer) {
}
/**
* On init
*/
ngOnInit(): void {
this.itsSafe = this.safePipe.transform('<h1>Hi</h1>', 'html');
}
关于angular - <img> : Unsafe value used in a resource URL context,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/37927657/