Skip to content

Commit

Permalink
docs(security): clarify IonicSafeString usage with innerHTMLTemplates…
Browse files Browse the repository at this point in the history 
…Enabled (#2906)
  • Loading branch information
@liamdebeasi
liamdebeasi authored Apr 19, 2023
1 parent ea506a9 commit 92424ff
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions docs/techniques/security.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,10 @@ Ionic Framework provides an application config option called `sanitizerEnabled`

Developers can also choose to eject from the sanitizer in certain scenarios. Ionic Framework provides the `IonicSafeString` class that allows developers to do just that.

:::note
In order to bypass the sanitizer and use unsanitized custom HTML in the relevant Ionic components, `innerHTMLTemplatesEnabled` must be set to `true` in the Ionic config. See [Enabling Custom HTML Parsing](#enabling-custom-html-parsing-via-innerhtml) for more information.
:::

#### Usage

````mdx-code-block
Expand Down

1 comment on commit 92424ff

@vercel
Copy link

@vercel vercel bot commented on 92424ff Apr 19, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Successfully deployed to the following URLs:

ionic-docs – ./

ionic-docs-ionic1.vercel.app
ionic-docs-gqykycf8t.vercel.app
ionic-docs-git-main-ionic1.vercel.app

Please sign in to comment.