(developer.mozilla.org)

170 points todsacerdoti | 3 comments | 22 Oct 25 09:03 UTC | HN request time: 0.645s | source

Show context

michalpleban ◴[22 Oct 25 20:38 UTC] No.45674843[source]▶

So is this basically a safe version of innerHTML?

1. Octoth0rpe ◴[22 Oct 25 20:48 UTC] No.45674953[source]▶

Yes, although a slightly more relevant way of putting it would be that it's an inbuilt DOMPurify (dompurify being an npm package commonly used to sanitize html before injecting it).

replies(1): >>45678500 #

2. ngold ◴[23 Oct 25 05:41 UTC] No.45678500[source]▶

>>45674953 (TP) #

Is this basically doing the same thing as https now? But for http, and firefox just never implemented a simple fix for it's entire existence until now?

I obviously know nothing about this, but I still find it fascinating. Or am I off my block.

replies(1): >>45678750 #

3. masklinn ◴[23 Oct 25 06:16 UTC] No.45678750[source]▶

>>45678500 #

This has nothing whatsoever to do with http.

↑

Element: setHTML() method