iSharkFly-Docs
/
angular-docs-cn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs: Change lexical in security guide (#41016) 

Change `onerror` attribute reference to `script` element reference
PR Close #41016
This commit is contained in:
Theoklitos Bampouris 2021-02-26 16:53:06 +02:00 committed by Zach Arend
parent 91cdc11aa0
commit fb82558d78
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
aio/content/guide/security.md
View File

@ -94,7 +94,7 @@ vulnerability. For example, one could execute JavaScript in a following way:
<code-example path="security/src/app/inner-html-binding.component.ts" header="src/app/inner-html-binding.component.ts (class)" region="class"></code-example>
Angular recognizes the value as unsafe and automatically sanitizes it, which removes the `onerror` attribute but keeps safe content such as the `<b>` element.
Angular recognizes the value as unsafe and automatically sanitizes it, which removes the `script` element but keeps safe content such as the `<b>` element.
<div class="lightbox">
<img src='generated/images/guide/security/binding-inner-html.png' alt='A screenshot showing interpolated and bound HTML values'>