You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@superset.apache.org by mi...@apache.org on 2023/01/05 19:57:26 UTC
[superset] 06/14: feat: Disables HTML rendering in Toast by default (#21853)
This is an automated email from the ASF dual-hosted git repository.
michaelsmolina pushed a commit to branch 1.5
in repository https://gitbox.apache.org/repos/asf/superset.git
commit 468c1d164e7eabba4989dcf1fa86f8d369cb2800
Author: Michael S. Molina <70...@users.noreply.github.com>
AuthorDate: Wed Oct 19 07:44:50 2022 -0300
feat: Disables HTML rendering in Toast by default (#21853)
(cherry picked from commit 47b1e0ca9dfdea153e133442bee676ba9a73aba0)
---
superset-frontend/src/components/MessageToasts/Toast.tsx | 2 +-
superset-frontend/src/components/MessageToasts/types.ts | 2 ++
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/superset-frontend/src/components/MessageToasts/Toast.tsx b/superset-frontend/src/components/MessageToasts/Toast.tsx
index 82a57e199d..0a1a93d92a 100644
--- a/superset-frontend/src/components/MessageToasts/Toast.tsx
+++ b/superset-frontend/src/components/MessageToasts/Toast.tsx
@@ -97,7 +97,7 @@ export default function Toast({ toast, onCloseToast }: ToastPresenterProps) {
role="alert"
>
{icon}
- <Interweave content={toast.text} />
+ <Interweave content={toast.text} noHtml={!toast.allowHtml} />
<i
className="fa fa-close pull-right pointer"
role="button"
diff --git a/superset-frontend/src/components/MessageToasts/types.ts b/superset-frontend/src/components/MessageToasts/types.ts
index cd41927847..fd4b27074b 100644
--- a/superset-frontend/src/components/MessageToasts/types.ts
+++ b/superset-frontend/src/components/MessageToasts/types.ts
@@ -31,4 +31,6 @@ export interface ToastMeta {
/** Whether to skip displaying this message if there are another toast
* with the same message. */
noDuplicate?: boolean;
+ /** For security reasons, HTML rendering is disabled by default. Use this property to enable it. */
+ allowHtml?: boolean;
}