javascript - Is AngularJS's ngSanitize supposed to fix tags? -

javascript - Is AngularJS's ngSanitize supposed to fix tags? -

still not sure when utilize sanitize , when not to. moved old database new machine. it's got quite few blog posts. used display these w/ php horribly intuitive. can't much angular way.

angular.module( 'myapp', ['ngsanitize'] ); function blogcontroller($scope,$http,$sanitize) { var site = "http://onfilm.us/gamengai"; var page = "/fft.php"; console.log( site + page ); $http.get( site + page ) .success(function(response) { ( var = 0; < response.length; i++ ) { response[i].text = response[i].text.replace( /<br\s*\/?>/mg, "\n" ); // response[i].text = $sanitize( response[i].text ); // mangles } $scope.data = response; }); }

i ran regex on handle that.

the above gets info php script. if sanitize text, turns quotes & apostrophe's garbage. (maybe b/c they're escaped?) more importantly though, not respected. it's printed out string literal.

i asked question , recommended sanitize, solved part of problem.

edit: original text (in db) 'mylink'. , that's how displays on page.　see in action here: http://onfilm.us/gamengai/index.html

$sanitize not doing untoward original string far can tell. purpose strip potentially unsafe html string untrusted source; it's working, it's not thought was.

your problem unrelated. issue how you're binding text element. binding string, that's you're getting. want ng-bind-html. now, little more complicated that, because bind html you're going need utilize $sce first mark imported resource trustworthy.

first include $sce dependency, then...

$http.get(site + page).success(function(response) { $scope.data = response.map(function(article) { article.text = $sce.trustashtml(article.text); homecoming article; }); });

then in html, have this...

<div class="text">{{ item.text }}<br></div>

change to:

<div class="text" ng-bind-html="item.text"></div>

javascript angularjs sanitize