Improve this Doc View Source $interpolate
- $interpolateProvider
- service in module ng
Compiles a string with markup into an interpolation function. This service is used by the HTML $compile service for data binding. See $interpolateProvider for configuring the interpolation markup.
var $interpolate = ...; // injected var exp = $interpolate('Hello {{name | uppercase}}!'); expect(exp({name:'Angular'}).toEqual('Hello ANGULAR!');
$interpolate
takes an optional fourth argument, allOrNothing
. If allOrNothing
is true
, the interpolation function will return undefined
unless all embedded expressions evaluate to a value other than undefined
.
var $interpolate = ...; // injected var context = {greeting: 'Hello', name: undefined }; // default "forgiving" mode var exp = $interpolate('{{greeting}} {{name}}!'); expect(exp(context)).toEqual('Hello !'); // "allOrNothing" mode exp = $interpolate('{{greeting}} {{name}}!', false, null, true); expect(exp(context)).toBeUndefined(); context.name = 'Angular'; expect(exp(context)).toEqual('Hello Angular!');
allOrNothing
is useful for interpolating URLs. ngSrc
and ngSrcset
use this behavior.
Escaped Interpolation
$interpolate provides a mechanism for escaping interpolation markers. Start and end markers can be escaped by preceding each of their characters with a REVERSE SOLIDUS U+005C (backslash). It will be rendered as a regular start/end marker, and will not be interpreted as an expression or binding.
This enables web-servers to prevent script injection attacks and defacing attacks, to some degree, while also enabling code examples to work without relying on the ngNonBindable directive.
For security purposes, it is strongly encouraged that web servers escape user-supplied data, replacing angle brackets (<, >) with < and > respectively, and replacing all interpolation start/end markers with their escaped counterparts.
Escaped interpolation markers are only replaced with the actual interpolation markers in rendered output when the $interpolate service processes the text. So, for HTML elements interpolated by $compile, or otherwise interpolated with the mustHaveExpression
parameter set to true
, the interpolated text must contain an unescaped interpolation expression. As such, this is typically useful only when user-data is used in rendering a template from the server, or when otherwise untrusted data is used by a directive.
Dependencies
Usage
$interpolate(text, [mustHaveExpression], [trustedContext], [allOrNothing]);
Arguments
Param | Type | Details |
---|---|---|
text | string | The text with markup to interpolate. |
mustHaveExpression (optional) | boolean | if set to true then the interpolation string must have embedded expression in order to return an interpolation function. Strings with no embedded expression will return null for the interpolation function. |
trustedContext (optional) | string | when provided, the returned function passes the interpolated result through $sce.getTrusted(interpolatedResult, trustedContext) before returning it. Refer to the $sce service that provides Strict Contextual Escaping for details. |
allOrNothing (optional) | boolean | if |
Returns
function(context) |
an interpolation function which is used to compute the interpolated string. The function has these parameters:
|
Methods
-
startSymbol();
Symbol to denote the start of expression in the interpolated string. Defaults to
{{
.Use
$interpolateProvider.startSymbol
to change the symbol.Returns
string
start symbol.
-
endSymbol();
Symbol to denote the end of expression in the interpolated string. Defaults to
}}
.Use
$interpolateProvider.endSymbol
to change the symbol.Returns
string
end symbol.
© 2010–2017 Google, Inc.
Licensed under the Creative Commons Attribution License 4.0.
https://code.angularjs.org/1.3.20/docs/api/ng/service/$interpolate