用angular 2+中的JS操作DOM以运行脚本
[英]Manipulating the DOM with JS in angular 2+ to run scripts
问题描述
I need to insert a script into an angular project which looks like this. 
我需要将脚本插入如下所示的有角项目中。
<script type="text/javascript" src="https://s3.tradingview.com/external-
embedding/embed-widget-events.js">
{
"width": "510",
"height": "600",
"importanceFilter": "-1,0,1"
}
</script>
Obviously, can't just stick it into template because NG will sanitize the script tag and nothing will happen. 显然,不能仅仅将其粘贴到模板中,因为NG会清理script标签,并且什么也不会发生。 So I have a method that manipulates the DOM which looks like this. 因此,我有一个操作DOM的方法,如下所示。
insertScript() {
var element = document.getElementById("myCal");
var script = document.createElement('script');
script.type = 'text/javascript';
script.src = "https://s3.tradingview.com/external-embedding/embed-widget-events.js";
script.innerHTML = '{"width": "510","height": "600","importanceFilter": "-1,0,1"}';
element.appendChild(script);
console.log(element);
}
Now, I run the method on ngAfterViewInit() after angular is done with sanitization so we don't get into that process. 现在,在完成角度清理后,我在ngAfterViewInit()上运行了该方法,因此我们不进入该过程。 The script gets inserted, the console output shows it at the div and you can inspect to see it there however nothing happens!!! 插入脚本,控制台输出在div上显示它,您可以检查以查看它在那里,但是什么也没有发生!
I checked the script in an ordinary html context outside the project it works perfectly. 我在项目外的普通html上下文中检查了脚本,它工作正常。
Don't know where to move on from here really, any suggestions would be really appreciated. 真的不知道从这里继续前进,任何建议将不胜感激。 Thanks. 谢谢。
1 个解决方案
解决方案1
0 2017-09-29 16:26:39
After numerous attempts to insert the widget the answer was quite surprising. 经过无数次尝试插入小部件的尝试,答案非常令人惊讶。 When we understood the chronology of the call it looked like this. 当我们了解通话的时间顺序时,它看起来像这样。
1) External js sourced 2) Then because of our dome manipulations the script was actually called correctly however nothing was inserted because the js sourced made calls to another source which was sanitized. 1)来自外部js的源2)然后,由于我们对球的操作,该脚本实际上被正确调用,但是未插入任何内容,因为来自js的源对另一个经过消毒的源进行了调用。
We solved the problem by going to the trading view page, inspecting the iframe that was inserted there and that was where we saw the actual true source from where the widget was being loaded. 我们通过转到交易视图页面,检查了插入到那里的iframe来解决该问题,在那儿,我们看到了加载小部件的实际真实来源。 After we bypassed the security for that source the widget loaded. 在绕过该源的安全性之后,将加载小部件。
this.calendarSrc =
this.sanitizer
.bypassSecurityTrustResourceUrl('the real source');
Very tricky issue it was and we tried every possible dome manipulation there can be to solve it but the answer was on the surface. 这是一个非常棘手的问题,我们尝试了所有可能的球机操纵来解决它,但答案出在表面上。
In the html template in angular we simply stick an iframe and for the iframe source the real source we got from the iframe from trading view website. 在Angular的html模板中,我们只是粘贴一个iframe,对于iframe源,是从交易视图网站从iframe获得的真实源。 In the iframe we substitute a variable for the source and we by pass security for the variable. 在iframe中,我们将变量替换为源,并通过安全性对该变量进行传递。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.