Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is there any major difference between innerHTML and using createTextNode to fill a span?

The title is pretty clear: Is there any major difference between innerHTML and createTextNode (used with Append) to fill a span with text?

like image 719
Jeff Noel Avatar asked Oct 29 '12 13:10

Jeff Noel


People also ask

Why you shouldn't use innerHTML?

The use of innerHTML creates a potential security risk for your website. Malicious users can use cross-site scripting (XSS) to add malicious client-side scripts that steal private user information stored in session cookies. You can read the MDN documentation on innerHTML .

Should I use innerHTML or innerText?

innerText returns all text contained by an element and all its child elements. innerHtml returns all text, including html tags, that is contained by an element.

What is the diff between innerHTML and innerText and textContent?

The Differences Between The innerHTML property returns: The text content of the element, including all spacing and inner HTML tags. The innerText property returns: Just the text content of the element and all its children, without CSS hidden text spacing and tags, except <script> and <style> elements.

What is the difference between HTML and innerHTML?

It then adds them to the DOM separately in a manner that causes their execution. .html() implicitly causes a few operations (script handling being one) whereas writing to innerHTML simply causes the innerHTML to change, but very little is done with that HTML.

What is the difference between innerHTML innertext and textcontent?

innerText is very similar to textContent, however, there are important differences between them! Put simply, innerText is aware of the rendered appearance of text, while textContent is not. Here’s what innerHTML, innerText, and textContent return: getValue.innerHTML This element is <strong>strong</strong> and has some super fun <code>code</code>!

Is it safe to use innerHTML?

As mentioned in the innerHTML tutorial, you should use it only when the data comes from a trusted source like a database. If you set the contents that you have no control over to the innerHTML, the malicious code may be injected and executed. Assuming that you have a list of elements and you need in each iteration:

How to manipulate an element’s HTML directly using innerHTML in JavaScript?

let div = document .querySelector ( '.container' ); let p = document .createElement ( 'p' ); p.textContent = 'JS DOM' ; div.appendChild (p); You can also manipulate an element’s HTML directly using innerHTML like this: let div = document .querySelector ( '.container' ); div.innerHTML += '<p>JS DOM</p>';

What characters does the innertext Property Report as different between browsers?

Even though the innerText property is said to've been standardised since 2016, it exhibits differences between browsers: Mozilla ignores U+200E and U+200F characters ("lrm" and "rlm") in innerText, while Chrome does not. Firefox reports 3 and 2, Chrome reports 3 and 3.


2 Answers

Of course. createTextNode will escape any strings and show them as they are, while innerHTML could render html-like strings into a DOM. If you don't want that (unless you are sure the text contains no unescaped tags, e.g. when assigning a literal directly), you can use textContent (or innerText for IE).

Yet I'd recommend createTextNode, because all browsers support it equally without any quirks.

like image 85
Bergi Avatar answered Sep 20 '22 03:09

Bergi


Doing some research online, here's what I've found. This should cover it at a high level:

  • elem.createTextNode(text) and elem.textContent = text do the exact same thing (src: https://javascript.info/task/createtextnode-vs-innerhtml)

  • While textContent returns the full text contained in a node, innerText returns only the visible text contained in the node. (src: Difference between textContent vs innerText)

like image 44
venkat0591 Avatar answered Sep 22 '22 03:09

venkat0591