Displaying WYSIWYG editor's output with React

This page summarizes the projects mentioned and recommended in the original post on /r/webdev
hardware-buttons linkedin-bot template-engine-js

InfluxDB – Built for High-Performance Time Series Workloads
InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
www.influxdata.com
featured
Sevalla - Deploy and host your apps and databases, now with $50 credit!
Sevalla is the PaaS you have been looking for! Advanced deployment pipelines, usage-based pricing, preview apps, templates, human support by developers, and much more!
sevalla.com
featured

  1. DOMPurify

    DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

    https://www.npmjs.com/package/dompurify or similar libraries can actually do the escaping themselves, but you will be able to set what tags you allow or what not to allow. The list of allowed tags needs to be similar to what you allow in the CKEditor. By using this library to sanitize the input, you will be able to actually use dangerouslySetHtml without issues

  2. InfluxDB

    InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

    InfluxDB logo

  3. html-react-parser

    📝 HTML to React parser.

    I'm glad I could help! Please be careful though and check the FAQ section of the library. It says that it does not sanitize and it's not XSS safe. This is the issue where they explain: https://github.com/remarkablemark/html-react-parser/issues/94

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Alternatives to dangerouslySetInnerHTML

    2 projects | /r/reactjs | 6 Mar 2023

  • Your rich text could be a cross-site scripting vulnerability

    3 projects | dev.to | 16 Dec 2024

  • Understanding Cross-Site Scripting (XSS): A Quick Reference

    1 project | dev.to | 28 Oct 2024

  • Mitigate XSS exploits when using React's `dangerously SetInnerHTML`

    1 project | dev.to | 12 Sep 2024

  • Navigating the Security Risks of Arbitrary Values in Tailwind CSS

    1 project | dev.to | 15 Aug 2024
Loading...