Of course, you know dangerouslySetInnerHTML
attribute. This is very useful when you need to insert a custom own HTML in your page.
…is React’s replacement for using innerHTML in the browser DOM. In general, setting HTML from code is risky because it’s easy to inadvertently expose your users to a cross-site scripting (XSS) attack. So, you can set HTML directly from React, but you have to type out
dangerouslySetInnerHTML
and pass an object with a__html
key, to remind yourself that it’s dangerous.
Alternatively, you could use:
function innerHTML( props )
{
return (<span dangerouslySetInnerHTML={{ __html : props.html }}/> );
}
// and use
const html = 'something';
return (
<div>
<innerHTML html={html} />
</div>
);