Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Eliminate use of v-html when rendering node names and descriptions #908

Merged
merged 6 commits into from
Nov 21, 2024
Merged

Eliminate use of v-html when rendering node names and descriptions #908

merged 6 commits into from
Nov 21, 2024

Conversation

ptgolden
Copy link
Member

@ptgolden ptgolden commented Nov 20, 2024
edited
Loading

Related issues

Summary

  • Adds a new component, <AppNodeText> which safely renders text containing <i>, <sup>, and <a> tags, while also leaving arbitrary text <enclosed in brackets> untouched.
  • Removes the usage of the unsafe v-html directive when rendering nodes, replacing it with <AppNodeText>

Checks

  • All tests have passed (or issues created for failing tests)

Patrick Golden added 4 commits November 18, 2024 14:58
Add a new component to safely render only <sup> text in a string
9b53eb2 
Needed for fixing #902.
Use an alternative approach in AppNodeText DOM construction
7822e0b 
Instead of building up a DOM tree from scratch, instead find the strings
matching opening and closing tags, and then surround the contents inside
them. This allows nesting tags within one another. (There were several
cases where <sup> tags had nested <i> tags).

Additionally, following the Vue style guide, use hyphen-case for
template attributes.
Add support for rendering <a> tags in AppNodeText
49d7862 
Additionally, update documentation.
Replace uses of v-html with <AppNodeText> where appropriate
6f55417
@netlify Netlify
Copy link

netlify bot commented Nov 20, 2024
edited
Loading

Deploy Preview for monarch-app ready!

Name Link
🔨 Latest commit 161a149
🔍 Latest deploy log https://app.netlify.com/sites/monarch-app/deploys/673f4246277cfb0008a5e227
😎 Deploy Preview https://deploy-preview-908--monarch-app.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@codecov Codecov
Copy link

codecov bot commented Nov 20, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 71.14%. Comparing base (ce0851b) to head (161a149).
Report is 5 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #908      +/-   ##
==========================================
- Coverage   71.37%   71.14%   -0.24%     
==========================================
  Files          91       91              
  Lines        3148     3136      -12     
==========================================
- Hits         2247     2231      -16     
- Misses        901      905       +4

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚨 Try these New Features:

@ptgolden ptgolden mentioned this pull request Nov 20, 2024
Open
@ptgolden ptgolden merged commit af5ab7b into main Nov 21, 2024
11 checks passed
@ptgolden ptgolden deleted the issue-902-appnodebadge-unsafe-html branch November 21, 2024 17:00
@dpavam dpavam mentioned this pull request Dec 3, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kevinschaper kevinschaper kevinschaper approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

HTML injection in phenogrid tooltips (and <AppNodeBadge> more generally)
2 participants
@ptgolden @kevinschaper