setRawInnerHtml function

void setRawInnerHtml(
  1. Element element,
  2. String html, {
  3. bool textContent = false,
})

Sets element's content from html.

By default, sets innerHTML — the HTML is not sanitized, so untrusted input is an XSS vector.

If textContent is true, sets textContent instead (treats html as plain text).

Implementation

void setRawInnerHtml(Element element, String html,
    {bool textContent = false}) {
  if (textContent) element.textContent = html;
  else element.innerHTML = html.toJS;
}