The Document.parseHTMLUnsafe() static method parses HTML into a DOM tree, while the setHTMLUnsafe() method of Element and ShadowRoot parses and inserts HTML into an existing tree. No sanitization applies to these methods, so never call them with user-provided HTML strings.

Compatibility

• Chrome 124 Released on 2024-04-16
• Chrome Android 124 Released on 2024-04-16
• Edge 124 Released on 2024-04-18
• Firefox ❌ Search for bugs Search for standards position
• Firefox for Android ❌ Search for bugs Search for standards position
• Safari 17.4 Released on 2024-03-05
• Safari on iOS 17.4 Released on 2024-03-05

BCD data

• api.Element.setHTMLUnsafe
• api.ShadowRoot.setHTMLUnsafe
• api.Document.parseHTMLUnsafe_static