Skip to content

Commit

Permalink
fix(DHIS2-17668): sanitise HTML in table instead of showing it as text
Browse files Browse the repository at this point in the history
  • Loading branch information
kabaros committed Jul 1, 2024
1 parent 714d490 commit 76cc4d8
Show file tree
Hide file tree
Showing 3 changed files with 40 additions and 7 deletions.
1 change: 1 addition & 0 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@
"history": "^5.0.1",
"prop-types": "^15.7.2",
"query-string": "^7.0.1",
"react-html-parser": "^2.0.2",
"use-debounce": "^7.0.0"
}
}
11 changes: 6 additions & 5 deletions src/data-workspace/display/table.js
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ import {
} from '@dhis2/ui'
import PropTypes from 'prop-types'
import React from 'react'
import ReactHtmlParser from 'react-html-parser'
import styles from './table.module.css'

// Needs to have the same width as the table, so can't use the one from
Expand All @@ -30,12 +31,12 @@ const Table = ({ title, columns, rows }) => (
<DataTable className={styles.dataTable} width="auto">
<TableHead>
<DataTableToolbar columns={columns.length}>
{title}
{ReactHtmlParser(title)}
</DataTableToolbar>
<DataTableRow>
<DataTableColumnHeader className={styles.cell}>
<span className={styles.labelCellContent}>
{columns[0]}
{ReactHtmlParser(columns[0])}
</span>
</DataTableColumnHeader>

Expand All @@ -45,7 +46,7 @@ const Table = ({ title, columns, rows }) => (
key={column}
className={styles.cell}
>
{column}
{ReactHtmlParser(column)}
</DataTableColumnHeader>
)
})}
Expand All @@ -59,7 +60,7 @@ const Table = ({ title, columns, rows }) => (
<DataTableRow key={index}>
<DataTableCell className={styles.cell}>
<span className={styles.labelCellContent}>
{firstCell}
{ReactHtmlParser(firstCell)}
</span>
</DataTableCell>

Expand All @@ -68,7 +69,7 @@ const Table = ({ title, columns, rows }) => (
key={index}
className={styles.cell}
>
{value}
{ReactHtmlParser(value)}
</DataTableCell>
))}
</DataTableRow>
Expand Down
35 changes: 33 additions & 2 deletions yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -7795,7 +7795,7 @@ domain-browser@^1.1.1, domain-browser@^1.2.0:
resolved "https://registry.yarnpkg.com/domain-browser/-/domain-browser-1.2.0.tgz#3d31f50191a6749dd1375a7f522e823d42e54eda"
integrity sha512-jnjyiM6eRyZl2H+W8Q/zLMA481hzi0eszAaBUzIVnmYVDBbnLxVNnfu1HgEBvCbL+71FrxMl3E6lpKH7Ge3OXA==

domelementtype@1:
domelementtype@1, domelementtype@^1.3.1:
version "1.3.1"
resolved "https://registry.yarnpkg.com/domelementtype/-/domelementtype-1.3.1.tgz#d048c44b37b0d10a7f2a3d5fee3f4333d790481f"
integrity sha512-BSKB+TSpMpFI/HOxCNr1O8aMOTZ8hT3pM3GQ0w/mWRmkhEDSFJkkyzz4XQsBV44BChwGkrDfMyjVD0eA2aFV3w==
Expand All @@ -7812,14 +7812,21 @@ domexception@^2.0.1:
dependencies:
webidl-conversions "^5.0.0"

domhandler@^2.3.0:
version "2.4.2"
resolved "https://registry.yarnpkg.com/domhandler/-/domhandler-2.4.2.tgz#8805097e933d65e85546f726d60f5eb88b44f803"
integrity sha512-JiK04h0Ht5u/80fdLMCEmV4zkNh2BcoMFBmZ/91WtYZ8qVXSKjiw7fXMgFPnHcSZgOo3XdinHvmnDUeMf5R4wA==
dependencies:
domelementtype "1"

domhandler@^4.0.0, domhandler@^4.2.0:
version "4.2.2"
resolved "https://registry.yarnpkg.com/domhandler/-/domhandler-4.2.2.tgz#e825d721d19a86b8c201a35264e226c678ee755f"
integrity sha512-PzE9aBMsdZO8TK4BnuJwH0QT41wgMbRzuZrHUcpYncEjmQazq8QEaBWgLG7ZyC/DAZKEgglpIA6j4Qn/HmxS3w==
dependencies:
domelementtype "^2.2.0"

domutils@^1.7.0:
domutils@^1.5.1, domutils@^1.7.0:
version "1.7.0"
resolved "https://registry.yarnpkg.com/domutils/-/domutils-1.7.0.tgz#56ea341e834e06e6748af7a1cb25da67ea9f8c2a"
integrity sha512-Lgd2XcJ/NjEw+7tFvfKxOzCYKZsdct5lczQ2ZaQY8Djz7pfAD3Gbp8ySJWtreII/vDlMVmxwa6pHmdxIYgttDg==
Expand Down Expand Up @@ -8047,6 +8054,11 @@ ensure-array@^1.0.0:
resolved "https://registry.yarnpkg.com/ensure-array/-/ensure-array-1.0.0.tgz#317e9fc632c656bb849eb649133528e205b23abc"
integrity sha512-A+3Ntl5WS+GjDnHtC67dKIjw+IoGoeFdNvjn3ZfKEmZgWUz0nxBPE4W52QMCbGZsat0VwWskD5T6AEpe3T2d1g==

entities@^1.1.1:
version "1.1.2"
resolved "https://registry.yarnpkg.com/entities/-/entities-1.1.2.tgz#bdfa735299664dfafd34529ed4f8522a275fea56"
integrity sha512-f2LZMYl1Fzu7YSBKg+RoROelpOaNrcGmE9AZubeDfrCEia483oW4MI4VyFd5VNHIgQ/7qm1I0wUHK1eJnn2y2w==

entities@^2.0.0:
version "2.2.0"
resolved "https://registry.yarnpkg.com/entities/-/entities-2.2.0.tgz#098dc90ebb83d8dffa089d55256b351d34c4da55"
Expand Down Expand Up @@ -9898,6 +9910,18 @@ htmlescape@^1.1.0:
resolved "https://registry.yarnpkg.com/htmlescape/-/htmlescape-1.1.1.tgz#3a03edc2214bca3b66424a3e7959349509cb0351"
integrity sha1-OgPtwiFLyjtmQko+eVk0lQnLA1E=

htmlparser2@^3.9.0:
version "3.10.1"
resolved "https://registry.yarnpkg.com/htmlparser2/-/htmlparser2-3.10.1.tgz#bd679dc3f59897b6a34bb10749c855bb53a9392f"
integrity sha512-IgieNijUMbkDovyoKObU1DUhm1iwNYE/fuifEoEHfd1oZKZDaONBSkal7Y01shxsM49R4XaMdGez3WnF9UfiCQ==
dependencies:
domelementtype "^1.3.1"
domhandler "^2.3.0"
domutils "^1.5.1"
entities "^1.1.1"
inherits "^2.0.1"
readable-stream "^3.1.1"

htmlparser2@^6.1.0:
version "6.1.0"
resolved "https://registry.yarnpkg.com/htmlparser2/-/htmlparser2-6.1.0.tgz#c4d762b6c3371a05dbe65e94ae43a9f845fb8fb7"
Expand Down Expand Up @@ -14870,6 +14894,13 @@ react-final-form@^6.5.3:
dependencies:
"@babel/runtime" "^7.12.1"

react-html-parser@^2.0.2:
version "2.0.2"
resolved "https://registry.yarnpkg.com/react-html-parser/-/react-html-parser-2.0.2.tgz#6dbe1ddd2cebc1b34ca15215158021db5fc5685e"
integrity sha512-XeerLwCVjTs3njZcgCOeDUqLgNIt/t+6Jgi5/qPsO/krUWl76kWKXMeVs2LhY2gwM6X378DkhLjur0zUQdpz0g==
dependencies:
htmlparser2 "^3.9.0"

react-is@^16.13.1, react-is@^16.8.1, react-is@^16.8.6:
version "16.13.1"
resolved "https://registry.yarnpkg.com/react-is/-/react-is-16.13.1.tgz#789729a4dc36de2999dc156dd6c1d9c18cea56a4"
Expand Down

0 comments on commit 76cc4d8

Please sign in to comment.