I was implementing Google Tag Manager in Next, and all of the resources I saw online said to use dangerouslySetInnerHTML. My understanding from the docs is that it's "dangerous" because it could introduce XSS vulnerabilities, but is it really that different from using .innerHTML in vanilla JS? Can it safely be used to install GTag, or is there some other concern I'm not seeing?

3rd-party scripts (like Google Tag Manager) need to be inserted directly into the DOM. To achieve this behavior you need to bypass this security feature with dangerouslySetInnerHTML.
Important: Insert this way only those scripts that you trust!
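
What makes dangerouslySetInnerHTML safe or unsafe for GTM is the string passed to it. The following is an added example, not part of the original question or answer and not Google's or Next's own code. It builds the prop value from a constant loader snippet and shows a weak form beside one that validates the container ID first. The function names, the ID pattern and the environment variable name are assumptions.

```javascript
// Added example. Assumption: container IDs are "GTM-" plus uppercase
// letters/digits; adjust the pattern if yours differ.
const GTM_ID_PATTERN = /^GTM-[A-Z0-9]{4,12}$/;

// Standard GTM loader with the container ID spliced in as a JS string literal.
function renderGtmSnippet(containerId) {
  return (
    "(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':" +
    "new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0]," +
    "j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=" +
    "'https://www.googletagmanager.com/gtm.js?id='+i+dl;" +
    "f.parentNode.insertBefore(j,f);" +
    "})(window,document,'script','dataLayer','" + containerId + "');"
  );
}

// Weak form: whatever arrives in containerId becomes script source verbatim.
function unsafeGtmInlineScript(containerId) {
  return { __html: renderGtmSnippet(containerId) };
}

// Hardened form: reject anything that is not a well-formed ID before it
// reaches the markup, so only the constant snippet plus a checked token is emitted.
function gtmInlineScript(containerId) {
  if (typeof containerId !== "string" || !GTM_ID_PATTERN.test(containerId)) {
    throw new Error("refusing to build GTM snippet: invalid container id");
  }
  return { __html: renderGtmSnippet(containerId) };
}

// Usage in a component (NEXT_PUBLIC_GTM_ID is a hypothetical variable name):
//   <script dangerouslySetInnerHTML={gtmInlineScript(process.env.NEXT_PUBLIC_GTM_ID)} />

// Constructed sample values, not real container IDs.
const GOOD_ID = "GTM-ABC1234";
const HOSTILE_ID = "GTM-X');alert(1);//";
```

With a hard-coded or validated ID the emitted script is fixed at build time. The risk appears only when request data, CMS fields or other untrusted input can reach the string.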