All geek questions in one place

Angular insecure url

I use this directive to use jCrop with Angular: http://plnkr.co/edit/Z2IQX8s9UK6wQ1hS4asz?p=preview

When I load a value src, I get this error:

Cannot interpolate: {{profileImg}} Error: [$ sce: insecurl]

He then links me to a page that says the following:

A locked download resource from url is not allowed by the $ sceDelegate policy.

My html:

<img-cropped src={{profileImg}} selected='selected(cords)'/>

And this error occurs when I change $scope.profileImgto the url of my image.

I get attached to S3 where I get the value from profileImg. I believe this source, since I can tell angular that this source is trusted enough to make this directive work?

hardcode src , .

EDIT:

URL $sce.

:

cmsApp.controller('PresentationCtrl',function($scope, $upload, all, $sce){

var socket = io.connect('https://xxxxxx.xxxxxxxxxxxxxx.xxx:3000');
$scope.profileImg="";



$scope.uploadProfilePic = function(){
    socket.removeAllListeners();
    console.log(file3);
    var url = 'https://xxxxxxx.xxxxxxxxxx.xxx:3000/uploadProfile?tenant=xxxxx';

    $scope.upload = $upload.upload({
        url:url,
        data:{myObj:'test1'},
        file:file3
    }).progress(function(evt){
        console.log('percent: ' + parseInt(100.0 * evt.loaded / evt.total));
    }).success(function(data,status,headers,config){
        $sce.trustAsUrl(data);
        $scope.profileImg = data;
    });
};
});

trustAsUrl .

, nginx?

EDIT2:

S3, . , , S3. - Apache EC2, .

ng-src src, $sce.trustAsUrl(url) $compileProvider

+4
3

$sce

whitelist all blob data: image/* urls <img>, , , , URL-s > sce, . @NuclearGhost

app.config(["$compileProvider" function($compileProvider) {

    $compileProvider.imgSrcSanitizationWhitelist(/^\s*(blob:|data:image)/);

}]);
+6

URL- , trustAsUrl() ng.$sce service

angular .

+4

$sceProvider.enabled(false).

+1

Source: https://habr.com/ru/post/1526585/

More articles:


All Articles