this.modal.body(...) feature request

[CK110]

Hello:

• I'm submitting a feature request

    this.modal.alert()
        .size('lg')
        .showClose(true)
        .title('A simple Alert contains iframe')
        .body(`
        <iframe style="width:100%;height:99%;" scrolling="auto" 
        frameborder="0" src="https://angular.io/"></iframe>  
        `)
        .open();

As above，body can't support <iframe>tag, just like the dialog of easyui

[shlomiassaf]

Basically the iframe not loading is an expected behaviour. It is caused by angular sanitisation due to security reason, you can see it in the console:

WARNING: sanitizing HTML stripped some content (see http://g.co/ng/security#xss).

To allow it I need to disable the sanitizer for the whole library or for the whole library in the body option and this is a bad practice not recommended by angular.

This is a private use case that requires a private solution, i.e: the developer using the library should solve it.

You can solve it in different ways:

• Use a component with the iframe in the template.
• Build a plugin the disables the sanitization security for it specifically
• more creative solutions...

Again, i'm sorry but I won't implement it as it's a bad practice and it will create a security issue. It's how the angular framework works.