We are using Angular JS in our app. I want to prevent all input fields from accepting JavaScript etc. Rather than check every single ponent is there a directive or something I could use out of the box which does this for me? Thanks
We are using Angular JS in our app. I want to prevent all input fields from accepting JavaScript etc. Rather than check every single ponent is there a directive or something I could use out of the box which does this for me? Thanks
Share Improve this question asked Sep 25, 2013 at 15:00 Breako BreakoBreako Breako 6,47115 gold badges44 silver badges60 bronze badges2 Answers
Reset to default 8Rather than doing client side filtering, I would leave that to the server side ponent. But client side will need to do the input validation stuff for the sake of user friendly.
ngSanitize in angular 1.2.0 (and some earlier versions) can help you sanitize your inputs.
http://docs.angularjs/api/ngSanitize
Or, alternatively, write your own filter that runs the input through regex to strip all HTML/JS/etc.
As a note, you should still have your server sanitize the inputs as well considering users can make direct requests against your server API and you may not have client side validation there.