{"id":13491735,"url":"https://github.com/peternewnham/react-html-parser","last_synced_at":"2025-04-12T18:41:23.068Z","repository":{"id":43451866,"uuid":"49913602","full_name":"peternewnham/react-html-parser","owner":"peternewnham","description":"Converts HTML strings directly into React components and provide a simple way to modify and replace the content.","archived":false,"fork":false,"pushed_at":"2024-06-28T08:15:57.000Z","size":876,"stargazers_count":790,"open_issues_count":57,"forks_count":105,"subscribers_count":9,"default_branch":"master","last_synced_at":"2025-04-06T09:14:42.966Z","etag":null,"topics":["html","react"],"latest_commit_sha":null,"homepage":"https://peternewnham.github.io/react-html-parser","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/peternewnham.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-01-18T23:58:36.000Z","updated_at":"2025-03-19T06:16:58.000Z","dependencies_parsed_at":"2024-06-12T18:14:44.723Z","dependency_job_id":"b4bffe68-07db-4ed8-bb6c-9d33c8f74ba2","html_url":"https://github.com/peternewnham/react-html-parser","commit_stats":{"total_commits":52,"total_committers":5,"mean_commits":10.4,"dds":0.3076923076923077,"last_synced_commit":"e89bba4f8022a92418186cfaacfd473e81e31d92"},"previous_names":["wrakky/react-html-parser"],"tags_count":7,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/peternewnham%2Freact-html-parser","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/peternewnham%2Freact-html-parser/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/peternewnham%2Freact-html-parser/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/peternewnham%2Freact-html-parser/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/peternewnham","download_url":"https://codeload.github.com/peternewnham/react-html-parser/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248616555,"owners_count":21134097,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["html","react"],"created_at":"2024-07-31T19:00:59.766Z","updated_at":"2025-04-12T18:41:23.028Z","avatar_url":"https://github.com/peternewnham.png","language":"JavaScript","funding_links":[],"categories":["JavaScript"],"sub_categories":[],"readme":"# React HTML Parser\n\nA utility for converting HTML strings into [React](https://facebook.github.io/react/) components. Converts standard HTML elements, attributes and inline styles into their React equivalents and provides a simple way to modify and replace the content.\n\n[Try the Live Demo](https://wrakky.github.io/react-html-parser)\n\n[![Travis branch](https://img.shields.io/travis/wrakky/react-html-parser/master.svg)](https://travis-ci.org/wrakky/react-html-parser)\n[![Coveralls](https://img.shields.io/coveralls/wrakky/react-html-parser.svg)](https://coveralls.io/github/wrakky/react-html-parser)\n[![npm](https://img.shields.io/npm/v/react-html-parser.svg)](https://www.npmjs.com/package/react-html-parser)\n[![Downloads](https://img.shields.io/npm/dw/react-html-parser.svg)](https://www.npmjs.com/package/react-html-parser)\n[![David](https://img.shields.io/david/wrakky/react-html-parser.svg)](https://david-dm.org/wrakky/react-html-parser)\n\n## Install\n\n```bash\nnpm install react-html-parser\n# or\nyarn add react-html-parser\n```\n\n## Usage\n\n```javascript\nimport React from 'react';\nimport ReactHtmlParser, { processNodes, convertNodeToElement, htmlparser2 } from 'react-html-parser';\n\nclass HtmlComponent extends React.Component {\n  render() {\n    const html = '\u003cdiv\u003eExample HTML string\u003c/div\u003e';\n    return \u003cdiv\u003e{ ReactHtmlParser(html) }\u003c/div\u003e;\n  }\n}\n```\n\n## Security\n\nIt is important to understand that this library should not be used as a direct replacement for using properly sanitized HTML and that it only provides the same level of protection that React does which does not provide 100% protection. All HTML should be properly sanitized using a dedicated sanitisation library (such as [dompurify](https://www.npmjs.com/package/dompurify) for node/js) before being passed to this library to ensure that you are fully protected from [malicious injections](https://en.wikipedia.org/wiki/Cross-site_scripting).\n\n### What doesn't React protect me from?\n\nWhilst React has a [certain level of protection to injection attacks](https://reactjs.org/docs/introducing-jsx.html#jsx-prevents-injection-attacks) built into it, it doesn't cover everything, for example:\n* xss via iframe src: `\u003ciframe src=\"javascript:alert('xss')\" /\u003e`\n* xss via link href: `\u003ca href=\"javascript:alert('xss')\"\u003eclick me\u003c/a\u003e`\n\n[Click here](https://codesandbox.io/s/reacthtmlparser-xss-examples-ijgiu?file=/src/App.js) to see these in action and how to protect yourself using [dompurify](https://www.npmjs.com/package/dompurify) in the browser.\n\n### Why doesn't ReactHTMLParser protect me automatically?\n\nIncluding a sanitizer as part of the library means it is making decisions for you that may not be correct. It is up to you to decide what level of sanitization you need and to act accordingly. Some users may already be sanitizing on the server or others may have specialized requirements that cannot be covered by a generic implementation.\n\nAdditionally, HTML sanitization is a hard thing to get right and even the most popular and actively developed sanitizers have [vulnerabilities discovered](https://snyk.io/vuln/npm:dompurify) from time to time. By leaving the sanitization outside of this library it gives users the ability to patch and deploy any fixes needed immediately instead of having to wait for a new version of this library to be released with the fix.\n\n## API\n\n### `function ReactHtmlParser(html, [options])`\nTakes an HTML string and returns equivalent React elements\n\n#### Usage\n```js\nimport ReactHtmlParser from 'react-html-parser';\n```\n#### Arguments\n- `html`: The HTML string to parse\n- `options`: Options object\n  - decodeEntities=true *(boolean)*: Whether to decode html entities (defaults to true)\n  - transform *(function)*: Transform function that is applied to every node\n  - preprocessNodes *(function)*: Pre-process the nodes generated by `htmlparser2`\n\n#### Transform Function\nThe transform function will be called for every node that is parsed by the library.\n\n`function transform(node, index)`\n##### Arguments\n- `node`: The node being parsed. This is the [htmlparser2](https://github.com/fb55/htmlparser2) node object. Full details can be found on their project page but important properties are:\n  - `type` (string): The type of node *(tag, text, style etc)*\n  - `name` (string): The name of the node\n  - `children` (array): Array of children nodes\n  - `next` (node): The node's next sibling\n  - `prev` (node): The node's previous sibling\n  - `parent` (node): The node's parent\n  - `data` (string): The text content, if the `type` is text\n- `index` (number): The index of the node in relation to it's parent\n\n#### Return Types\n`return null`\nReturning null will prevent the node and all of it's children from being rendered.\n```js\nfunction transform(node) {\n  // do not render any \u003cspan\u003e tags\n  if (node.type === 'tag' \u0026\u0026 node.name === 'span') {\n    return null;\n  }\n}\n```\n`return undefined`\nIf the function does not return anything, or returns undefined, then the default behaviour will occur and the parser will continue was usual.\n\n`return React element`\nReact elements can be returned directly\n```js\nimport React from 'react';\nfunction transform(node) {\n  if (node.type === 'tag' \u0026\u0026 node.name === 'b') {\n    return \u003cdiv\u003eThis was a bold tag\u003c/div\u003e;\n  }\n}\n```\n\n#### preprocessNodes Function\nAllows pre-processing the nodes generated from the html by `htmlparser2` before being passed to the library and converted to React elements.\n\n`function preprocessNodes(nodes)`\n##### Arguments\n- `nodes`: The entire node tree generated by `htmlparser2`.\n\n##### Return type\nThe `preprocessNodes` function should return a valid `htmlparser2` node tree.\n\n### `function convertNodeToElement(node, index, transform)`\nProcesses a node and returns the React element to be rendered. This function can be used in conjunction with the previously described `transform` function to continue to process a node after modifying it.\n\n#### Usage\n```js\nimport { convertNodeToElement } from 'react-html-parser';\n```\n#### Arguments\n- `node`: The node to process\n- `index` (number): The index of the node in relation to it's parent\n- `transform`: The transform function as described above\n\n```js\nimport { convertNodeToElement } from 'react-html-parser';\nfunction transform(node, index) {\n  // convert \u003cul\u003e to \u003col\u003e\n  if (node.type === 'tag' \u0026\u0026 node.name === 'ul') {\n    node.name = 'ol';\n    return convertNodeToElement(node, index, transform);\n  }\n}\n```\n\n### `htmlparser2`\nThe library exposes the `htmlparser2` library it uses. This allows consumers\nto use it without having to add it as a separate dependency.\n\nSee https://github.com/fb55/htmlparser2 for full details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpeternewnham%2Freact-html-parser","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpeternewnham%2Freact-html-parser","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpeternewnham%2Freact-html-parser/lists"}