Content of <Helmet> should always be trusted

[yandeu]

See #57

(FYI, withStyles() uses <Helmet /> under the hood.)

• Do not escape <Helmet /> nor noscript, script or style by default. #61
• Document the new escape behavior #60

[Shinyaigeek]

Oh, I’m sorry. #44 This PR maybe causes this issue 🙇. I want to fix this issue, but I’m worried about under what conditions to trust(= not escape text node).

I think that if text node is descendants of <Helmet /> or child of <style /> or <script /> we should not escape text node. What do you think about this?

[yandeu]

Thanks for your help. I'm already about to fix it :)

I think everything under <Helmet /> should not be escaped.
In addition noscript, script', style elements should also never be auto-escaped.

This behavior should be clear in the docs as well.

Check https://github.com/nanojsx/nano/compare/fix-helmet-ssr

[Shinyaigeek]

Oh! Nice 👍 Looks good, Thanks 🙏

nanojsx/nanojsx.github.io#3

Should we describe this behavior in the dangerouslySetInnerHTML part of the Docs (added in the above PR)? if you think so, I want to work on this.

[yandeu]

Should we describe this behavior in the dangerouslySetInnerHTML part of the Docs (added in the above PR)? if you think so, I want to work on this.

👍