AngularJS create html/link/anchor from text (escape/unescape html in view)
Solution 1
I think you can use Angular's linky filter for this: https://docs.angularjs.org/api/ngSanitize/filter/linky
You can use it like so:
<p ng-bind-html="post | linky"></p>
You'll have to include Angular's sanitize module for linky to work:
angular.module('myApp', [
'ngRoute',
'ngSanitize',
'myApp.filters',
...
Solution 2
You can use this replace for the string:
'please visit http://stackoverflow.com quickly'.replace(/(http[^\s]+)/, '<a href="$1">$1</a>')
then you'll need to use the $sce
service, and ngBindHtml
directive.
$sce
is a service that provides Strict Contextual Escaping services to AngularJS.
So in your filter you need to wrap links with a
tags then return a trusted html using $sce.trustAsHtml
:
filter('createAnchors', function ($sce) {
return function (str) {
return $sce.trustAsHtml(str.
replace(/</g, '<').
replace(/>/g, '>').
replace(/(http[^\s]+)/g, '<a href="$1">$1</a>')
);
}
})
Working examples: http://jsfiddle.net/T3fFt/11/
Related videos on Youtube
Daan
Updated on June 04, 2022Comments
-
Daan almost 2 years
I have a controller that has an assigned value:
$scope.post = 'please visit http://stackoverflow.com quickly';
I have some text in my html:
<p>{{post}}</p>
I would like to make a clickable link of the url (surround it with anchor tags).
I tried to change my html to:
<p ng-bind-html="post | createAnchors"></p>
Here is a simplified example of the problem:
The question is, how can I escape the whole post text, except for the link, which will be surrounded by anchor tags? ?
-
Kato almost 10 yearsWhy is there no accepted answer for this question. At least one of these are Kato approved. Make it so.
-
-
Daan over 10 yearsCan you please tell me what functions exactely? I tried a few of them but didn't get it to work.
-
CD.. over 10 yearsdid you try
trustAsHtml
? -
Daan over 10 yearsDo I get it right: When you set ng-bind-html, Angular will not escape html. When you then manually set $sce.trustAsHtml, this is the same right? So in that case that won't help me
-
Daan over 10 yearsThe problem with this solution is that the rest of the text is not getting escaped. Check jsfiddle.net/T3fFt/5 where another anchor is not escaped. I updated my question with a jsfiddle.
-
CD.. over 10 yearsI've lost you, you do not want to escape the string?
-
Daan over 10 yearsWhen someone enters a url in the post, I want them to get anchor tags around them and THAT anchor tag should not be escaped but rendered as HTML. The REST of the post should be escaped, so a user cannot insert <script> tags or something.
-
Daan over 10 yearsYes like that, but than I don't want to escape every character myself (what you do now with the
replace(/</g, '<')
) but want to use some function from Angular -
CD.. over 10 yearsNo such function AFAIK.
-
exclsr almost 10 yearsI think the linky filter has been available since AngularJS 1.0: code.angularjs.org/1.0.2/docs/api/ngSanitize.filter:linky
-
GFoley83 over 9 years@Daan I'm on Angular v1.2.21 and it works fine.
<div ng-bind-html="post.Text | linky:'_blank'"></div>
-
Dylanthepiguy almost 8 yearsA word of warning to anyone wanting to use linkyFilter: It escapes HTML characters so your raw HTML code (but with links) will show up in the html-bound element
-
exclsr almost 8 yearsYes, @Dylanthepiguy, that is the desired behavior for this question.