Make sure bypassing Vue built-in sanitization is safe here

Time:11-11

<div v-html="this.getNormalMessage()"></div>

We are using "vue": "^2.5.17". While running a SonarQube report we got the hotspot "Make sure bypassing Vue built-in sanitization is safe here." for the above code snippet. Using v-html is causing this hotspot in the SonarQube report. getNormalMessage is a function which returns htmlContent.

We tried solutions like

<div>{{ getNormalMessage }}</div>

but these solutions convert the content into plain text. In our case we need it to be rendered as HTML. Do we have better solutions?

CodePudding user response:

As mentioned here, you can use vue-dompurify-html.
Be careful: only v2.5.2 still has Vue 2 support; after that it was dropped.
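
A sketch of the answer's suggestion as a Vue 2 single-file component, added here as an example and not taken from the original post or from the vue-dompurify-html project. It assumes `vue-dompurify-html@2.5.2` is installed (the version the answer names); the allowlist and the sample message are constructed for illustration.

```vue
<template>
  <!-- Before: the raw string goes straight into innerHTML (the SonarQube hotspot) -->
  <!-- <div v-html="getNormalMessage()"></div> -->

  <!-- After: the same string is passed through DOMPurify before it is rendered -->
  <div v-dompurify-html="getNormalMessage()"></div>
</template>

<script>
import Vue from 'vue'
import VueDOMPurifyHTML from 'vue-dompurify-html'

// Usually done once in the app entry file (e.g. main.js); placed here so the
// example lives in one file. `default` is the DOMPurify configuration applied
// to every v-dompurify-html binding. The allowlist is an assumption: keep only
// the markup your messages actually need.
Vue.use(VueDOMPurifyHTML, {
  default: {
    ALLOWED_TAGS: ['b', 'i', 'em', 'strong', 'p', 'br', 'ul', 'ol', 'li', 'a'],
    ALLOWED_ATTR: ['href', 'title']
  }
})

export default {
  name: 'NormalMessage',
  data() {
    return {
      // Constructed sample standing in for the question's htmlContent
      htmlContent: '<p>Hello <strong>world</strong><img src="x" onerror="alert(1)"></p>'
    }
  },
  methods: {
    getNormalMessage() {
      return this.htmlContent
    }
  }
}
</script>
```

With this allowlist the `<img>` element and its `onerror` handler are dropped, while the paragraph and `<strong>` markup still render as HTML.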
