diff --git a/packages/insomnia/src/main/window-utils.ts b/packages/insomnia/src/main/window-utils.ts
index d9e0d7ea639d..69458685ac55 100644
--- a/packages/insomnia/src/main/window-utils.ts
+++ b/packages/insomnia/src/main/window-utils.ts
@@ -201,7 +201,6 @@ export function createWindow(): ElectronBrowserWindow {
zoomFactor: getZoomFactor(),
nodeIntegration: true,
nodeIntegrationInWorker: false, // must remain false to ensure the nunjucks web worker sandbox does not have access to Node.js APIs
- webviewTag: true,
// TODO: enable context isolation
contextIsolation: false,
disableBlinkFeatures: 'Auxclick',
diff --git a/packages/insomnia/src/ui/components/viewers/response-viewer.tsx b/packages/insomnia/src/ui/components/viewers/response-viewer.tsx
index fad8e31513b7..da41b2b1f0f8 100644
--- a/packages/insomnia/src/ui/components/viewers/response-viewer.tsx
+++ b/packages/insomnia/src/ui/components/viewers/response-viewer.tsx
@@ -283,7 +283,7 @@ export const ResponseViewer = ({
body={getBodyAsString()}
key={disableHtmlPreviewJs ? 'no-js' : 'yes-js'}
url={url}
- webpreferences={`disableDialogs=true, javascript=${disableHtmlPreviewJs ? 'no' : 'yes'}`}
+ disableHtmlPreviewJs={disableHtmlPreviewJs}
/>
);
}
diff --git a/packages/insomnia/src/ui/components/viewers/response-web-view.test.ts b/packages/insomnia/src/ui/components/viewers/response-web-view.test.ts
new file mode 100644
index 000000000000..13f528c523a8
--- /dev/null
+++ b/packages/insomnia/src/ui/components/viewers/response-web-view.test.ts
@@ -0,0 +1,19 @@
+import { describe, expect, it } from 'vitest';
+
+import { getResponsePreviewHtml, getResponsePreviewSandbox } from './response-web-view';
+
+describe('response-web-view', () => {
+ it('injects a base tag into the document head', () => {
+ expect(getResponsePreviewHtml('Hello', 'https://example.com/path/')).toBe(
+ 'Hello',
+ );
+ });
+
+ it('keeps scripts disabled when HTML preview JS is turned off', () => {
+ expect(getResponsePreviewSandbox(true)).toBe('');
+ });
+
+ it('allows scripts when HTML preview JS is enabled', () => {
+ expect(getResponsePreviewSandbox(false)).toBe('allow-scripts');
+ });
+});
diff --git a/packages/insomnia/src/ui/components/viewers/response-web-view.tsx b/packages/insomnia/src/ui/components/viewers/response-web-view.tsx
index 9b1bc7ddb47a..ca9185c23a72 100644
--- a/packages/insomnia/src/ui/components/viewers/response-web-view.tsx
+++ b/packages/insomnia/src/ui/components/viewers/response-web-view.tsx
@@ -1,30 +1,24 @@
-import React, { type FC, useEffect, useRef } from 'react';
+import React, { type FC } from 'react';
interface Props {
body: string;
url: string;
- webpreferences: string;
+ disableHtmlPreviewJs: boolean;
}
-export const ResponseWebView: FC = ({ webpreferences, body, url }) => {
- const webviewRef = useRef(null);
- useEffect(() => {
- const webview = webviewRef.current;
- const handleDOMReady = () => {
- if (webview) {
- webview.removeEventListener('dom-ready', handleDOMReady);
- const bodyWithBase = body.replace('', ``);
- webview.loadURL(`data:text/html; charset=utf-8,${encodeURIComponent(bodyWithBase)}`);
- }
- };
- if (webview) {
- webview.addEventListener('dom-ready', handleDOMReady);
- }
- return () => {
- if (webview) {
- webview.removeEventListener('dom-ready', handleDOMReady);
- }
- };
- }, [body, url]);
- return ;
+export const getResponsePreviewHtml = (body: string, url: string) => body.replace('', ``);
+
+export const getResponsePreviewSandbox = (disableHtmlPreviewJs: boolean) =>
+ disableHtmlPreviewJs ? '' : 'allow-scripts';
+
+export const ResponseWebView: FC = ({ body, disableHtmlPreviewJs, url }) => {
+ return (
+
+ );
};