npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

dangerously-set-html-content

v1.1.0

Published

Render raw html at your own risk!

Downloads

132,936

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

crystal-streamcrystal-stream

Keywords

Readme

Render raw html at your own risk!

NPM JavaScript Style Guide

Context

Here's a blog post that explain more in detail:

TL;DR

React uses dangerouslySetInnerHtml prop to render raw html, and works pretty much well for almost all the cases, but what if your html has some scripts tags inside??

When you use dangerouslySetInnerHtml on a component, internally react is using the innerHTML property of the node to set the content, which for safety purposes doesn't execute any javascript.

This behavior seemed very odd to me (I mean the prop name contains the word dangerously, and also you need to pass an object with a __html propery, which is on purpose, so you really know what you doing), although it have totally sense now, still doesn't solve my issue

After a little bit of search I found that the document has something called Range, this API let you create a fragment of the document, so using that I created dangerously-set-html-content.

This React component renders html from a string, and executes any js code inside of it!! 🎉

🚨🚨 USE IT AT YOUR OWN RISK 🚨🚨

Install

yarn add dangerously-set-html-content
// or
// npm install --save dangerously-set-html-content

Usage

import React from 'react'

import InnerHTML from 'dangerously-set-html-content'

function Example {

  const html = `
    <div>This wil be rendered</div>
    <script>
      alert('testing')
    </script>

  `

  return (
    <InnerHTML html={html} />
  )
}

This will also work for scripts with the src attribute set it

Note: By default this component only inserts the js that you pass in on the first render, after that it doesn't rerender. See https://github.com/christo-pr/dangerously-set-html-content/pull/7. You can pass allowRerender prop to rerender the component

Available Props

| Prop | Required | Value | Description | | :-------------: | :------: | :-----: | :---------------------------------------------------: | | html | Yes | String | The stringified code you want to execute | | allowRerender | No | Boolean | If set to true will allow to rerender the component |

Development

After cloning the repo and install all deps, you can do to example/ directory to install the example dependencies (the package will be a symlink to the file in src/)

Once you're on that directory you can run:

npm start

And an example all will be open.

Running unit test

Run:

npm test

License

MIT © christo-pr