v-html
attribute JS-069317</script>
18
19<template>
20 <div class="vp-doc" v-html="content"></div>21</template>
22
23<style scoped>
It is recommended to use interpolation expressions instead of using v-html
as it prevents injection attacks like XSS.
Injecting HTML is a feature available to any front-end framework and used by websites when the server renders HTML.
Using interpolation expressions is recommended as expression here gets stringified instead of getting executed, unlike in v-html
<div v-html="someHTML"></div>
<div>{{ someHTML }}</div>