Comments (6)
<head dangerouslySetInnerHTML={{ __html: "<script>console.log(1);</script>" }} />
from fresh.
I'm afraid I don't have enough context on how dangerouslySetInnerHTML
was used in combination with <head>
. Can you share more context?
from fresh.
Thanks for sharing more context. I see, that's the expected behavior. Setting dangerouslySetInnerHTML
basically says: "Replace all of this elements content with the HTML string". It's the same thing as if you'd set .innerHTML
on an HTML element directly. The way the .innerHTML
property works is that it discards any child nodes present before and overwrites it with the passed HTML string.
from fresh.
What is your recommendation to add arbitrary code to the head based on string-based config? Parse the HTML and convert it to JSX elements on the fly?
from fresh.
I provided some quick code here: #2360 (reply in thread)
You might have to expand to other tags (eg link
) depending on your use-case, but I really think it's going to be a better strategy overall to have tight control over the HTML you are writing rather than "dangerous" injection of code.
If you're trying to inject a script, there's probably a better way to achieve your ultimate goal, however. Can you provide more info on the problem you're trying to solve?
from fresh.
I have multiple things: some comments, a <noscript>
, and a <script>
. I think I better inject it in the middleware by interfering with the response stream through a custom ReadableStream impl.
from fresh.
Related Issues (20)
- Hook is already inside component, yet error `Hook can only be invoked from render methods` still occurs HOT 1
- Client Address Bar wont update after 303 redirect response. HOT 4
- JSX element implicitly has type 'any' because no interface 'JSX.IntrinsicElements' exists. || pragmaFrag cannot be set when runtime is automatic HOT 2
- [Bug] Preact's hydrate will clear uncontrolled property(e.g.`defaultValue) HOT 1
- [bug] partial on form submit HOT 1
- ReadableStream.from not supported if a fresh app is a subfolder HOT 6
- Tailwind plugin wanders into `scss` files then crashes on build HOT 1
- preact has a "We stand with Ukraine" banner, so I won't use it (or fresh or SaasKit)
- What do the <reference /> mean in main.ts? HOT 1
- issues with @headlessui/react HOT 1
- ENV variables in client HOT 5
- Clicking the recipe demo on Fresh's homepage changes the page title to "My Fresh app" HOT 1
- If Fresh /components/ folder doesn't return JS, should I even bother with memo()? HOT 4
- connection error: unexpected end of file HOT 3
- Data passed with `ctx.render` to async route is `undefined` HOT 1
- Docs: Change cart example to not used shared signals
- Build: DNS Error registry-staging.deno.com HOT 1
- fresh.gen.ts is `not found` HOT 5
- n00b struggling with deploying fresh project with deno kv HOT 1
- Island Slots Don't Work With `f-client-nav` HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fresh.