I'm using Angular 7 and I'm facing a problem with the sanitization system.
I'm trying to use the innerHtml directive to insert some HTML code in my page. This code can contain HTML and style attributes.
Without using this._sanitizer.bypassSecurityTrustHtml(myCssHtmlCode), the style attributes are removed.
When I'm using it, the JavaScript code is not removed.
What I'm looking for is a way to keep style and HTML but remove the JavaScript code.
Something like the code below would be perfect but does not exist.
domSanitzer.sanitize([SecurityContext.HTML, SecurityContext.STYLE], myCssHtmlCode)
Is there any other way to combine the SecurityContext types?
Thanks!