Related: #419 (comment)

By default, React escapes string children, converting HTML tags to their encoded equivalents. On the web, this is considered a "good thing" in helping avoid unintentional cross-site scripting attacks. However, in the serialization step of converting a block to its string form, this complicates the block's save function where we need to be able to include raw HTML in the generated output to be saved for post_content. The block's save function is never truly rendered, only ever passed through ReactDOMServer.renderToStaticMarkup to generate the composed content of the post. In order to include HTML in the serialized content, a developer must use the special dangerouslySetInnerHTML prop.

What's the problem? It's not obvious that a developer would need to use dangerouslySetInnerHTML to include arbitrary markup in the saved post content. Additionally the property name is very intentional in its scariness, which is likely off-putting for our legitimate use-case.

Why do we need it? We may consider exploring alternatives, but for the moment particularly the Editable (TinyMCE) component is affected by this in its value being reflected as raw HTML.