remark-react
Advanced tools
Transform markdown to React with remark, an extensively tested and pluggable parser.
Why? Using innerHTML and dangerouslySetInnerHTML in React is a
common cause of XSS attacks: user input can include script tags and other
kinds of active content that reaches across domains and harms security.
remark-react builds a DOM in React, using React.createElement: this
means that you can display parsed & formatted Markdown content in an
application without using dangerouslySetInnerHTML.
npm:
npm install remark-react
import React from 'react'
import ReactDOM from 'react-dom'
import remark from 'remark'
import remark2react from 'remark-react'
class App extends React.Component {
constructor() {
super()
this.state = { text: '# hello world' }
this.onChange = this.onChange.bind(this)
}
onChange(e) {
this.setState({ text: e.target.value })
}
render() {
return (
<div>
<textarea value={this.state.text} onChange={this.onChange} />
<div id="preview">
{
remark()
.use(remark2react)
.processSync(this.state.text).contents
}
</div>
</div>
)
}
}
ReactDOM.render(<App />, document.getElementById('root'))
remark().use(react[, options])Transform markdown to React.
options.createElementHow to create elements or components (Function).
Default: require('react').createElement
options.fragmentCreate fragments instead of an outer <div> if available (Function).
Default: require('react').Fragment
options.sanitizeSanitation schema to use (object or boolean, default: undefined).
Passed to hast-util-sanitize.
The default schema, if none or true is passed, adheres to GitHub’s
sanitation rules.
Setting this to false is just as bad as using dangerouslySetInnerHTML.
options.prefixReact key (default: h-).
options.remarkReactComponentsOverride default elements, such as <a>, <p>, etc by defining an object
comprised of element: Component key-value pairs (object, default:
undefined).
For example, to output <MyLink> components instead of <a>, and
<MyParagraph> instead of <p>:
remarkReactComponents: {
a: MyLink,
p: MyParagraph
}
options.toHastConfigure how to transform mdast to hast (object, default: {}).
Passed to mdast-util-to-hast.
See how to integrate with other remark plugins in the Integrations section
of remark-html.
MIT © Titus Wormer, modified by Tom MacWright and Mapbox.
FAQs
Deprecated: this package is no longer maintained. Please use `remark-rehype` to move from remark (markdown) to rehype (HTML) and then replace `remark-react` with [`rehype-react`][rehype-react].
The npm package remark-react receives a total of 14,390 weekly downloads. As such, remark-react popularity was classified as popular.
We found that remark-react demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."