You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@superset.apache.org by vi...@apache.org on 2021/02/25 06:14:58 UTC
[superset] tag 0.38.1rc1 created (now 53b65e9)
This is an automated email from the ASF dual-hosted git repository.
villebro pushed a change to tag 0.38.1rc1
in repository https://gitbox.apache.org/repos/asf/superset.git.
at 53b65e9 (commit)
This tag includes the following new commits:
new caa18ce feat: adding feature flags to escape/hide html in markdown (#11340)
new 53b65e9 update changelog and version number
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
[superset] 01/02: feat: adding feature flags to escape/hide html in
markdown (#11340)
Posted by vi...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
villebro pushed a commit to tag 0.38.1rc1
in repository https://gitbox.apache.org/repos/asf/superset.git
commit caa18cea65e1894ada39ed565e9bb6618a0aa10a
Author: Evan Rusackas <ev...@preset.io>
AuthorDate: Wed Oct 21 15:07:27 2020 -0700
feat: adding feature flags to escape/hide html in markdown (#11340)
* utilizing feature flag for html escapement
* use src alias
* Feature flag to allow hiding of HTML tags
* strips js attr
* better feature flag naming
* simplifying
* Adding comments to new feature flags
* shorter comment, because pylint,
* pedantic change to get black to format a file
---
.../components/gridComponents/Markdown.jsx | 30 ++++++++++++++--------
superset-frontend/src/featureFlags.ts | 2 ++
superset/config.py | 4 +++
3 files changed, 26 insertions(+), 10 deletions(-)
diff --git a/superset-frontend/src/dashboard/components/gridComponents/Markdown.jsx b/superset-frontend/src/dashboard/components/gridComponents/Markdown.jsx
index c5d86ce..acd0503 100644
--- a/superset-frontend/src/dashboard/components/gridComponents/Markdown.jsx
+++ b/superset-frontend/src/dashboard/components/gridComponents/Markdown.jsx
@@ -19,23 +19,26 @@
import React from 'react';
import PropTypes from 'prop-types';
import ReactMarkdown from 'react-markdown';
+import htmlParser from 'react-markdown/plugins/html-parser';
+
import cx from 'classnames';
import { t } from '@superset-ui/core';
import { Logger, LOG_ACTIONS_RENDER_CHART } from 'src/logger/LogUtils';
import { MarkdownEditor } from 'src/components/AsyncAceEditor';
-
-import DeleteComponentButton from '../DeleteComponentButton';
-import DragDroppable from '../dnd/DragDroppable';
-import ResizableContainer from '../resizable/ResizableContainer';
-import MarkdownModeDropdown from '../menu/MarkdownModeDropdown';
-import WithPopoverMenu from '../menu/WithPopoverMenu';
-import { componentShape } from '../../util/propShapes';
-import { ROW_TYPE, COLUMN_TYPE } from '../../util/componentTypes';
+import { isFeatureEnabled, FeatureFlag } from 'src/featureFlags';
+
+import DeleteComponentButton from 'src/dashboard/components/DeleteComponentButton';
+import DragDroppable from 'src/dashboard/components/dnd/DragDroppable';
+import ResizableContainer from 'src/dashboard/components/resizable/ResizableContainer';
+import MarkdownModeDropdown from 'src/dashboard/components/menu/MarkdownModeDropdown';
+import WithPopoverMenu from 'src/dashboard/components/menu/WithPopoverMenu';
+import { componentShape } from 'src/dashboard/util/propShapes';
+import { ROW_TYPE, COLUMN_TYPE } from 'src/dashboard/util/componentTypes';
import {
GRID_MIN_COLUMN_COUNT,
GRID_MIN_ROW_UNITS,
GRID_BASE_UNIT,
-} from '../../util/constants';
+} from 'src/dashboard/util/constants';
const propTypes = {
id: PropTypes.string.isRequired,
@@ -84,6 +87,7 @@ function isSafeMarkup(node) {
return true;
}
+
class Markdown extends React.PureComponent {
constructor(props) {
super(props);
@@ -259,8 +263,14 @@ class Markdown extends React.PureComponent {
? MARKDOWN_ERROR_MESSAGE
: this.state.markdownSource || MARKDOWN_PLACE_HOLDER
}
- escapeHtml={false}
+ escapeHtml={isFeatureEnabled(FeatureFlag.ESCAPE_MARKDOWN_HTML)}
+ skipHtml={!isFeatureEnabled(FeatureFlag.DISPLAY_MARKDOWN_HTML)}
allowNode={isSafeMarkup}
+ astPlugins={[
+ htmlParser({
+ isValidNode: node => node.type !== 'script',
+ }),
+ ]}
/>
);
}
diff --git a/superset-frontend/src/featureFlags.ts b/superset-frontend/src/featureFlags.ts
index ffc1e56..8829120 100644
--- a/superset-frontend/src/featureFlags.ts
+++ b/superset-frontend/src/featureFlags.ts
@@ -29,6 +29,8 @@ export enum FeatureFlag {
THUMBNAILS = 'THUMBNAILS',
SIP_34_SAVED_QUERIES_UI = 'SIP_34_SAVED_QUERIES_UI',
LISTVIEWS_DEFAULT_CARD_VIEW = 'LISTVIEWS_DEFAULT_CARD_VIEW',
+ DISPLAY_MARKDOWN_HTML = 'DISPLAY_MARKDOWN_HTML',
+ ESCAPE_MARKDOWN_HTML = 'ESCAPE_MARKDOWN_HTML',
}
export type FeatureFlagMap = {
diff --git a/superset/config.py b/superset/config.py
index 71c1e99..79d34ce 100644
--- a/superset/config.py
+++ b/superset/config.py
@@ -309,6 +309,10 @@ DEFAULT_FEATURE_FLAGS: Dict[str, bool] = {
"TAGGING_SYSTEM": False,
"SQLLAB_BACKEND_PERSISTENCE": False,
"LISTVIEWS_DEFAULT_CARD_VIEW": False,
+ # When True, this flag allows display of HTML tags in Markdown components
+ "DISPLAY_MARKDOWN_HTML": True,
+ # When True, this escapes HTML (rather than rendering it) in Markdown components
+ "ESCAPE_MARKDOWN_HTML": False,
}
# Set the default view to card/grid view if thumbnail support is enabled.
[superset] 02/02: update changelog and version number
Posted by vi...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
villebro pushed a commit to tag 0.38.1rc1
in repository https://gitbox.apache.org/repos/asf/superset.git
commit 53b65e9b536b8ed2304e30472d7f6fe6227ec02b
Author: Ville Brofeldt <vi...@gmail.com>
AuthorDate: Thu Feb 25 08:13:00 2021 +0200
update changelog and version number
---
CHANGELOG.md | 3 +++
superset-frontend/package.json | 2 +-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2a16770..c05d2bb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -19,6 +19,9 @@ under the License.
## Change Log
### 0.38.0 (Mon Nov 17 07:23:54 2020 +00:00)
+- [#11340](https://github.com/apache/incubator-superset/pull/11340) feat: adding feature flags to escape/hide html in markdown (#11340)
+
+### 0.38.0 (Mon Nov 17 07:23:54 2020 +00:00)
- [#11724](https://github.com/apache/incubator-superset/pull/11724) fix: prior npm font source had a glitch (#11724) (@rusackas)
- [#11718](https://github.com/apache/incubator-superset/pull/11718) refactor: Load fonts from packages rather than local binaries (#11718) (@rusackas)
- [#11365](https://github.com/apache/incubator-superset/pull/11365) fix(sqla): allow 'unknown' type queries in explore view (#11365) (@serenajiang)
diff --git a/superset-frontend/package.json b/superset-frontend/package.json
index 9eecb75..efab814 100644
--- a/superset-frontend/package.json
+++ b/superset-frontend/package.json
@@ -1,6 +1,6 @@
{
"name": "superset",
- "version": "0.38.0",
+ "version": "0.38.1",
"description": "Superset is a data exploration platform designed to be visual, intuitive, and interactive.",
"license": "Apache-2.0",
"directories": {