🤖 Rendering HTML // Inserting HTML directly into rendered DOM nodes using the dangerouslySetInnerHTML tag #59

Open
leemember opened this issue Jan 13, 2023 · 0 comments

leemember commented Jan 13, 2023

You can insert HTML directly into rendered DOM nodes
by using the dangerouslySetInnerHTML tag.

Such links need to be checked in advance and prevented.
Before any value is assigned to the dangerouslySetInnerHTML prop,
it must be sanitized with a sanitization library such as dompurify.

```jsx
import purify from "dompurify";

(...)

<div dangerouslySetInnerHTML={{ __html: purify.sanitize(data) }} />
```

Therefore, you should not access the DOM in order to put content directly into DOM nodes.
When using the dangerouslySetInnerHTML tag, sanitize the HTML with dompurify before it is inserted.
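
One way to enforce the rule above across a code base, as an added example that is not part of the original issue: a single gate that mints the `{ __html }` object from a sanitizer and rejects any object it did not mint. The names `createHtmlGate`, `toInnerHtml`, `assertSanitized` and `escapeAll` are hypothetical, and `escapeAll` is only a stand-in so the block runs without a DOM; in the browser the sanitizer passed in would be `purify.sanitize`.

```javascript
// Added example: one choke point between untrusted strings and
// dangerouslySetInnerHTML. All names here are hypothetical.
function createHtmlGate(sanitize) {
  if (typeof sanitize !== "function") {
    throw new TypeError("sanitize must be a function");
  }
  // Remembers every object produced by toInnerHtml; nothing else is accepted.
  const minted = new WeakSet();

  // Sanitize untrusted input and return the { __html } object React expects.
  function toInnerHtml(dirty) {
    const clean = sanitize(dirty == null ? "" : String(dirty));
    if (typeof clean !== "string") {
      throw new TypeError("sanitizer must return a string");
    }
    const value = Object.freeze({ __html: clean }); // no edits after sanitizing
    minted.add(value);
    return value;
  }

  // Call inside a wrapper component before handing the value to React.
  // A hand-built { __html: rawString } fails here instead of reaching the DOM.
  function assertSanitized(value) {
    if (typeof value !== "object" || value === null || !minted.has(value)) {
      throw new Error("unsanitized value passed to dangerouslySetInnerHTML");
    }
    return value;
  }

  return { toInnerHtml, assertSanitized };
}

// Stand-in sanitizer (assumption, for offline runs): escapes all markup.
// In the browser, pass (s) => purify.sanitize(s) instead.
const ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeAll(s) {
  return s.replace(/[&<>"']/g, (c) => ESCAPES[c]);
}

// Constructed sample input, run through the gate and then checked.
function demo() {
  const gate = createHtmlGate(escapeAll);
  const safe = gate.toInnerHtml('<b onclick="x()">hi</b>');
  return gate.assertSanitized(safe).__html;
}

// Usage in JSX (not executed here):
// <div dangerouslySetInnerHTML={gate.assertSanitized(gate.toInnerHtml(data))} />
```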
