Open jayarjo opened 7 years ago
those values would be escaped - they'd appear in the text as <strong>
not as tags. If you trust the string, then you can do h('div', {innerHTML: string})
but if it's a user provided string, that will be a security hole.
in that case, you just need to find an html escaping module, than can allow certain tags and not others.
innerHTML
seems to work great for parsing an HTML string into a hyperscript object at runtime.
But for posterity I wanted to show an example of how to translate the above HTML snippet into hyperscript code, since you can supply a children
array with a mix of strings and hyperscript tags like so:
h('p', [
'Some text here with ',
h('strong', 'parts'),
' and some',
//etc.
])
Consider html like this:
How do we convert this to HyperScript?