React, rendering HTML saved from draft-js?

I'm learning React: totally newbie.

If I save to DB the HTML directly from draft.js (or it's variants always based on it) and then in a view page of my React SPA I retrieve HTML from DB through my API:

QUESTIONS:

Start a personal dev blog on your domain for free and grow your readership.

3.4K+ developers have started their personal blogs on Hashnode in the last one month.

Write in Markdown 路 Publish articles on custom domain 路 Gain readership on day zero 路 Automatic GitHub backup and more

Comments (1)

Jake Foraker's photo

I did the exact same same thing with github.com/wrakky/react-html-parser

Using a Django Rest Framework API - I saved my "page" objects as JSON Fields, so the client could construct the payloads freely. Then the the outgoing payload would just contain a JSON object with key/value and the value was a string of html.

{
  "text": "<p>some block of html that is just a string</p>"
}

To my recollection, letting Django handle security was enough - but it was an internal tool so we weren't worried about xss or whatever threat is possible.