References Web APIs Document parseHTMLUnsafe()
Collection
Language

Document: parseHTMLUnsafe() static method

The parseHTMLUnsafe() static method of the Document object is used to parse a string of HTML, which may contain declarative shadow roots, in order to create a new Document instance.

The suffix "Unsafe" in the method name indicates that, while <script> elements are not evaluated during parsing, the method does not sanitize other potentially unsafe XSS-relevant input.

The resulting Document will have a content type of "text/html", a character set of UTF-8, and a URL of "about:blank"

Syntax

js
Document.parseHTMLUnsafe(input)

Parameters

html

A string of HTML to be parsed.

Return value

A Document.

Exceptions

None.

Specifications

Browser compatibility

See also

In this article

Your blueprint for a better internet.

MDN
Support
Our communities
Developers

Visit Mozilla Corporation’s not-for-profit parent, the Mozilla Foundation.
Portions of this content are ©1998–2024 by individual mozilla.org contributors. Content available under a Creative Commons license.