The Document.parseHTMLUnsafe() static method parses HTML into a DOM tree, while the setHTMLUnsafe() method of Element and ShadowRoot parses and inserts HTML into an existing tree. No sanitization applies to these methods, so never call them with user-provided HTML strings.

Learning resources on MDN

• Document: parseHTMLUnsafe() static method
• Element: setHTMLUnsafe() method
• ShadowRoot: setHTMLUnsafe() method

Browser support

• Chrome 124 Released on 2024-04-16
• Chrome Android 124 Released on 2024-04-16
• Edge 124 Released on 2024-04-18
• Firefox 128 Released on 2024-07-09
• Firefox for Android 128 Released on 2024-07-09
• Safari 17.4 Released on 2024-03-05
• Safari on iOS 17.4 Released on 2024-03-05

Edit this feature - Report an issue about this feature