🏠 New in Low Baseline Support: Unsanitized HTML parsing methods

July 9, 2024

caniuse · mdn · spec

The Document.parseHTMLUnsafe() static method parses HTML into a DOM tree, while the setHTMLUnsafe() method of Element and ShadowRoot parses and inserts HTML into an existing tree. No sanitization applies to these methods, so never call them with user-provided HTML strings.

Source features

• api.Element.setHTMLUnsafe [mdn]
• api.ShadowRoot.setHTMLUnsafe [mdn]
• api.Document.parseHTMLUnsafe_static [mdn]