react-escape-html

ES6 tagged template string escaping HTML and producing a 'tainted string object' directly usable with React 'dangerouslySetInnerHTML' property.

Use wbinnssmith/eskape.

Installation

npm install --save react-escape-html

Example

var html = require('react-escape-html');
 
var tag = '<script>';
var safeHTMLString = html`This is a <b>dangerous</b> HTML tag: ${tag}!`;
var safeReactElement = <div dangerouslySetInnerHTML={safeHTMLString} />;

License

MIT