Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

React Content Editable and its application #50

Open
reboottime opened this issue Sep 9, 2023 · 5 comments
Open

React Content Editable and its application #50

reboottime opened this issue Sep 9, 2023 · 5 comments
Labels
2023 practices

Comments

@reboottime
Copy link
Owner

reboottime commented Sep 9, 2023
edited
Loading

Overview

This article talks about react-content editable, including

  1. its application in single page applications or web builders.
  2. its rationale- the contentditable property and its source code
@reboottime
Copy link
Owner Author

reboottime commented Sep 9, 2023
edited
Loading

Fundamentals: contenteditable property and react-contenteditable

The contenteditable property

HTML elements can be made editable by users using the contenteditable property. When this property is set, it allows users to modify the innerHTML of the element, similar to how they interact with a text input element. Here is an example provided by MDN

  • The convenience of using a contenteditable element lies in its ability to dynamically adjust its width and height as the content grows, so you do not need to programmatically handle text input element's width when text input value grows.
  • How to capture content change:
    • while a _contenteditable_ element can be interacted like an text input, it doesn't support onChange event like how we use input.
    • react-contenteditable solved above problem, please reading bellow

react-contenteditable and how it resolves onChange event

react-contenteditable exposes an onChange interface to users, which is an intuitive design to developer users.

Behind the scenes, it mocks the onChange event such that whenever user inputs, it calls external onChange event.

Here are the details

image

@reboottime
Copy link
Owner Author

reboottime commented Sep 9, 2023
edited
Loading

Applications of React Content Editable in SPA

In a multi-step workflow, users may anticipate the ability to update data generated in the final step. However, it may not be feasible to navigate back to the previous screen at the last step.

To address this, we provide users with an interface that allows them to edit the filled information from previous steps directly within the display, for instance
.

  1. Editing the previous value using menu
image
  1. Editing the previous value using editable area
image
  1. Edting title directly at where we show it in azure PR request
image

@reboottime reboottime added the 2023 label Sep 9, 2023
@reboottime
Copy link
Owner Author

reboottime commented Sep 11, 2023
edited
Loading

Security considerations with content editable

Users have the freedom to input any content of their choice within the content-editable area. For instance, in this CodeSandbox sample, users can input a script as shown below:

image

That means this could pose a security risk if a user inputs malicious content into the editable area, as that content may be executed.

when it comes to eliminating malicious content, sanitize-html is your ally , offering flexible configuration options for tailored content sanitization.

@reboottime
Copy link
Owner Author

reboottime commented Sep 11, 2023
edited
Loading

Some common issues

  1. How to add placeholder effect for content editable.;
[contenteditable=true]:empty:before {
  content: attr(placeholder);
  display: block;
  color: #aaa;
}

@reboottime
Copy link
Owner Author

References

  1. react content editable package
  2. MDN doc : contenteditable
  3. Clean up user submitted html
  4. Add placeholder effect to content editable

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
2023 practices
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@reboottime