How to protect your service from XSS by using sanitize-html 【React】
Mar 8, 2021
When we write React code, we sometimes face this problem: how to render an HTML string in React. As you know, you can solve this with dangerouslySetInnerHTML. However, it has a problem: it can cause XSS (the React tutorial does not recommend it either).
I found a solution to it. Here it is:
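import sanitizeHtml from 'sanitize-html';

// Return the HTML string with every tag except <p> removed (Flow type annotations).
function sanitize(text: ?string): string {
  const cleanText = sanitizeHtml(text, {
    allowedTags: ['p'],
  });
  return cleanText;
}

You can use the library as shown above. It automatically removes dangerous tags from your HTML string; with the options above, only <p> tags are allowed.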
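The snippet above returns a cleaned string but does not show the render step. The following added example (not code from the original post) applies the same allowlist at the point where the string reaches dangerouslySetInnerHTML. The names SafeHtml, CommentPreview and untrustedComment, and the explicit allowedAttributes setting, are assumptions made for illustration.

```jsx
import React, { useMemo } from 'react';
import sanitizeHtml from 'sanitize-html';

// Same allowlist as the article: only <p> is permitted.
// allowedAttributes: {} is added in this example (not in the article) so that
// no attribute, including inline event handlers, is kept on any allowed tag.
const SANITIZE_OPTIONS = {
  allowedTags: ['p'],
  allowedAttributes: {},
};

// Accepts null/undefined so callers can pass optional API fields directly.
export function sanitize(text) {
  return sanitizeHtml(text ?? '', SANITIZE_OPTIONS);
}

// Hypothetical wrapper component: the only place in the app that touches
// dangerouslySetInnerHTML, and it always sanitizes immediately before rendering
// instead of trusting that the string was cleaned somewhere upstream.
export function SafeHtml({ html }) {
  // Re-sanitize only when the input string changes.
  const clean = useMemo(() => sanitize(html), [html]);
  return <div dangerouslySetInnerHTML={{ __html: clean }} />;
}

// Constructed sample of untrusted input (for example, a user comment from an API).
// It mixes an allowed <p> carrying an event-handler attribute with tags that
// are outside the allowlist.
const untrustedComment =
  '<p onclick="track()">Hello</p>' +
  '<img src="x" onerror="track()">' +
  '<script>track()</script>';

export default function CommentPreview() {
  return <SafeHtml html={untrustedComment} />;
}
```

Keeping dangerouslySetInnerHTML inside one wrapper makes code review simpler: any other use of that prop in the code base is a finding.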