«WARNING: sanitizing HTML stripped some content» and how to deal with it properly
AngularInDepth is moving away from Medium. More recent articles are hosted on the new platform inDepth.dev. Thanks for being part of indepth movement!
Everyone who has ever had a need to inline HTML into DOM in Angular have seen this message. Of course we just want to show a trusted message from our server with some styles sprinkled over. Or we inline our own constants and SVG icons because we just want to colorize them. Nothing bad is going to happen if we tell Angular there’s nothing to worry about.
In most cases this might be true. But in big projects with lots of developers writing independent modules you never know where your code will end up. And if you, like me, are developing a library of reusable components — this must be resolved at its root.
Sanitize and DomSanitizer
Angular has classes dedicated to clear content from various malicious junk:
