DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
https://www.npmjs.com/package/dompurify or similar libraries can actually do the escaping themselves, but you will be able to set what tags you allow or what not to allow. The list of allowed tags needs to be similar to what you allow in the CKEditor. By using this library to sanitize the input, you will be able to actually use dangerouslySetHtml without issues.
-
I'm glad I could help! Please be careful though and check the FAQ section of the library. It says that it does not sanitize and it's not XSS safe. This is the issue where they explain: https://github.com/remarkablemark/html-react-parser/issues/94