Web platform features explorer

Unsanitized HTML parsing methods

The Document.parseHTMLUnsafe() static method parses HTML into a DOM tree, while the setHTMLUnsafe() method of Element and ShadowRoot parses and inserts HTML into an existing tree. No sanitization applies to these methods, so never call them with user-provided HTML strings.

Status

Limited availability

Specifications

Browser support

  • Chrome 124 Released on 2024-04-16
  • Chrome Android 124 Released on 2024-04-16
  • Edge 124 Released on 2024-04-18
  • Firefox 128 Released on 2024-07-09
  • Firefox for Android 128 Released on 2024-07-09
  • Safari
  • Safari on iOS

Baseline availability blocked since July 2024 by Safari (13 months)

Developer signals

Usage (according to Chrome Platform Status)

~0.010% of page loads. More data at chromestatus.