Created
January 26, 2024 08:42
-
-
Save indreklasn/5ebf9dec4727d3eadb61e8ab3ba89b14 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import React, { useState } from 'react'; | |
| import DOMPurify from 'dompurify'; | |
| const UserComments = () => { | |
| const [comments, setComments] = useState([ | |
| // Assume these comments are fetched from a server | |
| { id: 1, content: '<script>alert("XSS Attack!")</script>Great article!' }, | |
| { id: 2, content: 'Really enjoyed this post.' }, | |
| // More comments... | |
| ]); | |
| const createMarkup = (htmlContent) => { | |
| return { __html: DOMPurify.sanitize(htmlContent) }; | |
| }; | |
| return ( | |
| <div> | |
| <h2>User Comments</h2> | |
| <ul> | |
| {comments.map((comment) => ( | |
| <li key={comment.id} dangerouslySetInnerHTML={createMarkup(comment.content)} /> | |
| ))} | |
| </ul> | |
| </div> | |
| ); | |
| }; | |
| export default UserComments; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment