What happens if you use script tag inside template?
Angular recognizes the value as unsafe and automatically sanitizes it, which removes the script
tag but keeps safe content such as the text content of the script
tag. This way it eliminates the risk of script injection attacks. If you still use it then it will be ignored and a warning appears in the browser console.
Let's take an example of innerHtml property binding which causes XSS vulnerability,
export class InnerHtmlBindingComponent {// For example, a user/attacker-controlled value from a URL.htmlSnippet = 'Template <script>alert("0wned")</script> <b>Syntax</b>';}
June 12, 2022
3191
Read more
What is Angular Framework?
November 04, 2022
AngularWhat is a Angular module?
November 03, 2022
AngularWhat are the steps to use animation module?
October 31, 2022
Angular