security.output-encoding

Avoid trusting unsanitized Angular bypass sinks

DomSanitizer bypass helpers should not receive route, storage, or request-derived values without validation.

#Metadata

Rule ID: ts.security.angular-dom-sanitizer-bypass-untrusted-input
Severity: high
Confidence: 0.81
Languages: javascript, typescript
Presets: recommended, security, strict
Stability: experimental
Applies to: block
Tags: angular, rules-catalog, security

#Why it matters

The bypassSecurityTrust* helpers tell Angular to skip its built-in sanitization for a value. When that value comes from untrusted input, the downstream sink that consumes it becomes an XSS execution point.

#Remediation

Keep sensitive markup on Angular-safe bindings, or sanitize with a reviewed helper before calling the bypassSecurityTrust* helpers.
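
One way to write such a reviewed helper for a route-derived iframe URL, shown next to the pattern the rule flags. This is an added example, not Critiq's or Angular's own code: `ResourceUrlTruster`, the allowlisted origin and all function names are assumptions, and only `bypassSecurityTrustResourceUrl` is the real `DomSanitizer` method, modelled structurally so the block runs without Angular installed.

```typescript
// Structural subset of Angular's DomSanitizer (assumed name; DomSanitizer satisfies it).
interface ResourceUrlTruster<T> {
  bypassSecurityTrustResourceUrl(value: string): T;
}

// Hypothetical allowlist: the only origins this app may embed in an <iframe>.
const ALLOWED_EMBED_ORIGINS: ReadonlyArray<string> = ["https://player.example.com"];

// Flagged pattern: a route-derived value goes straight into the bypass helper.
function unsafeEmbedUrl<T>(sanitizer: ResourceUrlTruster<T>, routeParam: string): T {
  return sanitizer.bypassSecurityTrustResourceUrl(routeParam);
}

// Reviewed helper: parse, validate, and only then mark the URL as trusted.
// Returns null when the input must not be trusted.
function trustedEmbedUrl<T>(sanitizer: ResourceUrlTruster<T>, routeParam: string): T | null {
  let url: URL;
  try {
    url = new URL(routeParam); // absolute URLs only; relative input throws
  } catch {
    return null;
  }
  if (url.protocol !== "https:") return null; // rejects javascript:, data:, http:
  if (url.username !== "" || url.password !== "") return null; // no userinfo in the URL
  if (ALLOWED_EMBED_ORIGINS.indexOf(url.origin) === -1) return null; // exact origin match
  // Trust the parser's normalized form, not the raw string.
  return sanitizer.bypassSecurityTrustResourceUrl(url.href);
}

// Constructed stub standing in for DomSanitizer; records every value marked trusted.
function makeRecordingSanitizer(): ResourceUrlTruster<string> & { trusted: string[] } {
  const trusted: string[] = [];
  return {
    trusted,
    bypassSecurityTrustResourceUrl(value: string): string {
      trusted.push(value);
      return value;
    },
  };
}
```

In a component, the null result maps to rendering no iframe at all rather than falling back to the raw parameter.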

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.angular-dom-sanitizer-bypass-untrusted-input.rule.yaml.