ng-bind-html

I'm trying to use $sce.trustAsHtml() with a property of an object in ng-repeat. The result is that the HTML is totally blank. The HTML outputs correctly using ngSanitize though. <div ng-repeat="question in questions"> <p ng-bind-html="$sce.trustAsHtml(question.body)"> </p> </div> I'm on AngularJS v1.3.0-beta.3 by the way. Not sure if there's a bug or I do something wrong. You can't use $sce.trustAsHtml in an expression (unless $sce is a property on the $scope ) because expressions are evaluated in the context of the $scope . The cleanest approach is to use ngSanitize . The second cleanest is

I am trying to dynamically insert an iframe into a page with Angular 1.2. Here is the code: html: <div id="player_wrapper" ng-cloak> <div ng-bind-html="player"></div> </div> js: $http({method: 'GET', url: url}). success(function(data, status) { $scope.player = data.html; }....... So the data.html is a string that has a valid HTML starting with <iframe ...> The string contains also some div. So it could look like: <iframe src='...' ...></iframe><div>some stuf</div> I use in app.js 'ngSanitize'. What it shows is the div (after the iframe) but not the iframe itself. If I use jQuery, basically a $

Trying to use ng-bind-html to insert iframe into page with AngularJS & I can't get it to work it on even the simplest form. Javascript function Ctrl($scope) { $scope.showIt = '<iframe src="http://www.anything.com"></iframe>'; } My HTML: <div ng-bind-html="showIt"></div> You need to use $sce service to tell angular to render html content on view Angular Doc says $sce is a service that provides Strict Contextual Escaping services to AngularJS. SCE assists in writing code in way that (a) is secure by default and (b) makes auditing for security vulnerabilities such as XSS, clickjacking, etc. a lot

I've got a repeater set up and can get data to display as long as there is no html within it. I've included angular-sanitize.js and have tried using ng-bind-html But nothing is displayed within the span, only within the ng-bind-html attribute. So it looks like sanitise isn't working, I read that this needs to be added to the app dependencies but am not sure where to do so. I've just been working through the tut on the angular site so only have a very basic controller set up at the minute. Dan You need to include the angular-sanitize.js http://ajax.googleapis.com/ajax/libs/angularjs/1.0.3

Is it possible to bind data of scope variable to a html that is about to bind as ng-bind-html? ie, I have a html ="<div>{{caption}}</div>"; and my angular template look like, <div ng-bind-html="html"></div> the value of scope variable caption is set in angular controller. So, I want to bind data in {{caption}} . Thanks in advance.. Jennie Ji You should use $interpolate not $compile. Write controller like this: angular.module('app', ['ngSanitize']) .controller('MyCtrl', ['$scope', '$interpolate', function($scope, $interpolate){ $scope.caption = 'My Caption'; $scope.html = $interpolate('<div>{