angularJs ng-bind-html指令

1.代码

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<script src="angular.js"></script>
<script src="sanitize.js"></script>
</head>
<body>

<div ng-app="testapp" ng-controller="ctrl">
  <div ng-bind-html="myHtml"></div>
  <div ng-bind-html="trustHtml"></div>
</div>

<script>
	var app = angular.module('testapp', ['ngSanitize']);
	app.controller('ctrl',function($scope,$sce){
    $scope.myHtml = "<div><button onclick='alert(123)'>test</button></div>";
    $scope.trustHtml = $sce.trustAsHtml($scope.myHtml)
	});
</script>

</body>
</html>

2.结果