TechQA.

Why should we use $sce.trustAsResourceUrl(iframeUrl)?

5.7k views Asked by At

I am new to AngularJS. I tried binding iframe src with Angular controller.

html:

<iframe class="mini-graph" ng-src="{{iframeUrl()}}"></iframe>

controller js:

$scope.iframeUrl = function(){
    return "http://www.google.co.in";
};

This doesn't work. But if I change my controller to:

$scope.iframeUrl = function(){
    return $sce.trustAsResourceUrl("http://www.google.co.in");
};

it works.

I don't know what's the magic happens with $sce.trustAsResourceUrl. It would be great if some one could explain it.

javascript angularjs angularjs-sce
Original Q&A
1

There are 1 answers

1
TheBugger On

For security reasons, AngularJS prevents binding ng-src to untrusted external resources, such as an external URL. The call to $sce.trustAsResourceUrl returns a special wrapper object for the external URL to mark the URL as trusted.

Related Questions in JAVASCRIPT

Related Questions in ANGULARJS

Related Questions in ANGULARJS-SCE

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions