SafeValue must use [property] getting appended to url in iframe src (Angular 14)

Question

I am binding a link in iframe src as below

public resultLink: SafeResourceUrl;                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             

this.resultLink = this.domSanitizer.bypassSecurityTrustResourceUrl(searchResult.pageUrl);

<iframe title="Finder Results" [src]="resultLink"></iframe>

But I am getting following output

<iframe title="Finder Results"  src="SafeValue must use [property]=binding: www.testurl.com (See https://g.co/ng/security#xss)"></iframe>

How can we fix this?

Is this the actual site you're trying to access `mytesturl.com`? are these `“”` present in your code?. Do you have protocol before `mytesturl.com`? — Syperia, May 11 '23 at 13:50
I see you corrected your question. Error does not reproduce though, if the value of `earchResult.pageUrl` is for instance `http://www.testurl.com` — Syperia, May 11 '23 at 13:59

Wandrille · Answer 1 · 2023-05-11T14:27:40.750

0

It could related to safeUrl:

<iframe title="Finder Results" [src]="resultLink | safeUrl"></iframe>

edited May 11 '23 at 14:27

answered May 11 '23 at 14:14

Wandrille

6,267
3
20
43

SafeValue must use [property] getting appended to url in iframe src (Angular 14)

1 Answers1