Version: 5.x.x

Strings with HTML Tags

You can render HTML tags in translations using the t attribute or the translate pipe.

To render a translation containing HTML tags using pipe, you must set the translated value via the innerHTML attribute of the wrapping component.

Consider a translation for the key hello_peter with the English value Hello <b>Peter</b>!

You can render it using the translate pipe as follows:

<div [innerHTML]="'hello_peter' | translate"></div>

To render a translation containing HTML tags using the t attribute, you must set the translated value via the innerHTML attribute of the wrapping component.

<div t key="hello_peter" [isHtml]="true"></div>

Security

Tolgee sanitizes HTML tags in translations. It removes all HTML tags and attributes that are not allowed.

The HTML is automatically sanitized for both t component and translate pipe. However, if you don't expect HTML strings in your code, avoid passing the strings using innerHtml.

<b onmouseover=alert('XSS testing!')>Hello Peter!</b>

The above code is sanitized to: <b>Hello Peter!</b>

Security​

Security