-
Notifications
You must be signed in to change notification settings - Fork 27.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Invalid HTML inside dangerouslySetInnerHTML
breaks the page.
#14797
Comments
Hey @lfades is it okay if I take this issue up? I was able to reproduce the issue locally and noticed that the reason the page goes blank is because This does not cause the page to go blank if that invalid html tag is a or even invalid markup like but will go blank if the invalid html tag is a <style> or <script> because the scripts next.js appends at the end of the page can't be executed inside of <style> or <script>. I think the right behavior would be to ensure that the next.js scripts don't end up wrapped inside of the invalid tag so that the JS can execute and any valid content can still render on the page. What are your thoughts, i'll attach screenshots for reference... |
@lfades or anyone else.. I tried to run a forked/cloned version of next locally and have it point to the example app but I keep running into a mismatch react issue. I tried to work through it but am stuck, any thoughts? |
@TatisLois Follow the steps here to setup the Next.js repo: https://github.com/vercel/next.js/blob/canary/contributing.md Once you run |
got it working - thanks |
I'll take a look at this issue as well. I think the responsibility of putting in valid html in |
I don't have time to continue on this issue, so if anyone else wants to continue - feel free to do so! My idea is to validate the HTML with perhaps html-validator package and logging the error to the console. I think adding something similiar to this in Main component could work: export function Main() {
const { inAmpMode, html, docComponentsRendered } = useContext(
DocumentComponentContext
)
+ const [invalidHtmlError, setInvalidHtmlError] = useState()
docComponentsRendered.Main = true
+ useEffect(() => {
+ checkHtml()
+ })
+ const checkHtml = async () => {
+ try {
+ await htmlValidator(html)
+ } catch (error) {
+ setInvalidHtmlError(error)
+ }
+ }
if (inAmpMode) return <>{AMP_RENDER_TARGET}</>
+ if (invalidHtmlError) {
+ Log.error(
+ "There's an error with your HTML",
+ JSON.stringify(invalidHtmlError)
+ )
+ }
return <div id="__next" dangerouslySetInnerHTML={{ __html: html }} />
} |
I also had this problem when allowing user generated HTML. If you wrap the dangerously set HTML code using the sanitize package linked below - it auto-fixes this broken HTML problem for you. https://www.npmjs.com/package/sanitize-html
|
I'll take this one on. |
Hey, is there any progress on the issue? If there is no one that is not taking this on, I'll be ready to take this on. |
If there is no progress on this issue,please assign this issue to me |
@Mbistami Nobody is! Feel free to open a PR 🙇🏼 |
@samcx should we use some library to validate the HTML or can't add packages I'm very new to contributing in next and I think adding |
Hmm we should already have something like this. If you use the command
|
I see, but I coulnd't find a way to get the HTML to validate It tried to implement it on |
@Mbistami I think we should try to validate what you're seeing is this error itself. Do you have a |
@Mbistami That |
Bug report
Describe the bug
If invalid HTML is added to
dangerouslySetInnerHTML
, Next.js will output a blank page without providing any feedback. This can be hard to track when working with a CMS provider or markdown files.To Reproduce
Steps to reproduce the behavior, please provide code snippets or a repository:
yarn && yarn dev
ornpm i && npm run dev
pages/index.js
is a blank page with no errorsExpected behavior
Invalid HTML inside
dangerouslySetInnerHTML
should throw and/or let the user know that there's something wrong.The demo also has an
index.html
andindex.js
in the root directory that shows how the same code works in React alone, it doesn't produce an error either, but it shows the content.The text was updated successfully, but these errors were encountered: