发表新帖
发表新帖

React app rendering html entities such as ampersand as escaped

后端 未结
关注
1 1015
时光取名叫无心
时光取名叫无心 2020-12-19 01:48

I have a React app embedded in Wordpress page. It pulls content from a JSON api and displays it in various areas.

My problem is that all of the text content that c

相关标签:
1条回答
  • 北海茫月
    2020-12-19 02:04

    HTML (including entities) will be rendered as a string when being rendered as an expression:

    {htmlString}

    In order to parse HTML, there is dangerouslySetInnerHTML prop:

    <span dangerouslySetInnerHTML={{__html: htmlString }} />

    As the name says, it's unsafe and should be generally avoided. If a string comes from untrusted source or a source that could be exploited, malicious code can be rendered to a client.

    The preferable way is to decode entities specifically, e.g. with html-entities:

    import { Html5Entities } from 'html-entities';
const htmlEntities = new Html5Entities();

...

{htmlEntities.decode(htmlString)}

    The problem could be avoided by not storing HTML entities in the first place if possible.

    0 讨论(0)
 看不清?
提交回复
热议问题