问题
I've got a simple blog app on Express and MongoDB, using EJS to render my data.
The problem I have is I want this to be styled like a paragraph:
<div class="show-post__content">
<%= post.body %>
</div>
The content of the post.body is: '<p>Hello there, this is a new post.</p>'
but it's rendering like this:
If the picture doesn't work, it's showing up with the brackets visible, rather than looking like an actual html p tag if that makes any sense... Does anyone know how to get around this?
Many thanks,
Raph
回答1:
I've got it:
<div class="show-post__content">
<%- post.body %>
</div>
Is the answer.
Thanks if you had a look!
回答2:
To be honest, I had the similar issue a week ago
Mission was to disable javascript. I did that with sanitizer.
I sanitized user info before inserting in MongoDB.
So recommend you to do that with sanitize-html striptags.
Those packages are in npm you can download the package.
I hope you will solve the problem.
var striptags = require('striptags');
YourCollectionName.find({}, function (err, obj) {
if (err) {
//handle or throw error
}
// For all the documents, remove html tags and save
obj.forEach(function(ob){
ob.body= striptags(ob.body);
ob.save();
});
});
来源:https://stackoverflow.com/questions/51407713/ejs-rendering-html