Open x412773090 opened 2 months ago
https://ng-zorro-mtd-ivy-cjm9xv.stackblitz.io
Import {component} from '@angular/core';
import {nzmodalService} from 'ng-zorro -NTD/MODAL';
@Component ({{
Selector: 'My-APP',
template: `
<input nz-input [(ngmodel)] = "input">
<Button
(click) = "OpenConfirm ()" "
nz-button
Type = "Button"> Confirm </Button>
`,
})
export class appcomponent {
input = 'delete [<a href="https://bing.com"> link </a>]?';
Constructionor (Private NzmodalService: NZMODALSERVICE) {}
OpenConfirm (): void {
this.nzmodalService.confirm ({
nztitle: this.input,
});
}
}
The link cannot be clicked
Click the link to jump to the external website
ENVIRONMENT | Info |
---|---|
NG-Zorro-ATD | 17.4.0 |
Browser | Chrome |
hi @x412773090.
The nzTitle
accepts string | TemplateRef
, and ng-zorro will render the string
type in [innerHTML]
(see angular official doc Sanitization and security contexts), which will sanitize the string and make sure the security
If you wanna just render the original string content, you can pass with a TemplateRef
type
I hope these information help you well.
Reproduction link
https://ng-zorro-antd-ivy-cjm9xv.stackblitz.io
Steps to reproduce
What is expected?
链接不可被点击
What is actually happening?
点击链接可跳转到外部网站