Answer the question
In order to leave comments, you need to log in
VueJS: secure insertion of html received from server into v-html directive?
I need to display posts in the frontend, the content of which can have both pictures and text styles, etc. I get html from the server as a string and output it all in v-html.
I also use the fabricjs plugin, which parses canvas into an svg string and I also need to insert this string into v-html.
I read at the office. vue site about v-html and the danger of using it, but did not find a way to secure data insertion in v-html, but found this issue: https://github.com/vuejs/vue/issues/6333#issuecomm... and plugins from there : https://github.com/LeSuisse/vue-dompurify-html, https://github.com/apostrophecms/sanitize-html but for some reason I'm a little uneasy about putting them on.
Answer the question
In order to leave comments, you need to log in
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question