Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Inconsistency - custom description, banner_text uses Sanitize but actor names is fully escaped #805

Closed
arathunku opened this issue Jan 2, 2024 · 2 comments
Closed

Inconsistency - custom description, banner_text uses Sanitize but actor names is fully escaped #805

arathunku opened this issue Jan 2, 2024 · 2 comments

Comments

@arathunku
Copy link

Hello!

I'm in a process of updating to v1.1 release, it's great and expressions are super useful :)

There's 1 inconsistency I've noticed when trying to make UI a bit more user friendly

  • any value for actor_names_source is fully escaped
  • descriptions are using <%== Sanitize.fragment(@feature.description, Sanitize::Config::BASIC) %> -

I found this out when I wanted to display links as values in actor names for quicker navigation. I can do that

We can already add HTML in banner_text too, here, so it looks like only actor_names_source is not following the pattern.

Is PR to use Sanitize for actor name too welcome?
@bkeepers
Copy link
Collaborator

bkeepers commented Jan 2, 2024

Thanks for pointing out the inconsistency. A PR would definitely be welcome!

@bryszard bryszard mentioned this issue Jan 5, 2024
Merged
@arathunku
Copy link
Author

thanks @bryszard!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bkeepers @arathunku