[英]draft-to-html with React's dangerouslySetInnerHTML
I'm using draft-to-html
npm package to display draftjs
content to a div using dangerouslySetInnerHTML
. 我正在使用draft-to-html
npm程序包使用dangerouslySetInnerHTML
地将draftjs
内容显示到div上。
Something like this: 像这样:
<div dangerouslySetInnerHTML={{ __html: draftToHtml(JSON.parse(intro)) }} />
intro
is user input and have not been sanitized. intro
是用户输入的内容,尚未经过消毒。 This feels bad but shouldn't draft-to-html
only output known html tags such as H1-6, ul, ol, pre, p
etc.? 这感觉很糟糕,但是draft-to-html
不应仅输出已知的html标签,例如H1-6, ul, ol, pre, p
等?
Also, how would I sanitize a draftjs object? 另外,我该如何清除draftjs对象?
You should be ok. 你应该没事的 If you look at https://github.com/jpuri/draftjs-to-html#supported-conversions it shows all the text transformations that will happen: 如果您查看https://github.com/jpuri/draftjs-to-html#supported-conversions,它将显示将要发生的所有文本转换:
Following is the list of conversions it supports: 以下是它支持的转换列表:
Convert block types to corresponding HTML tags: 将块类型转换为相应的HTML标签:
Block Type HTML Tag 块类型HTML标记
- header-one h1 标头一h1
- header-two h2 头两个h2
- header-three h3 标头-三h3
- header-four h4 标头四h4
- header-five h5 头五h5
- header-six h6 头六个h6
- unordered-list-item ul 无序列表项目ul
- ordered-list-item ol 订单清单项目
- blockquote blockquote 块引用块引用
- code pre 预编码
unstyled p 无样式的p
It performs these additional changes to text of blocks: 它对块的文本执行以下其他更改:
replace blank space in beginning and end of block with replace \\n with 用替换\\ n替换块开头和结尾的空格
replace < with < replace > with > 将<替换为<将>替换为>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.