You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@superset.apache.org by mi...@apache.org on 2022/10/19 10:44:58 UTC
[superset] branch master updated: feat: Disables HTML rendering in Toast by default (#21853)
This is an automated email from the ASF dual-hosted git repository.
michaelsmolina pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/superset.git
The following commit(s) were added to refs/heads/master by this push:
new 47b1e0ca9d feat: Disables HTML rendering in Toast by default (#21853)
47b1e0ca9d is described below
commit 47b1e0ca9dfdea153e133442bee676ba9a73aba0
Author: Michael S. Molina <70...@users.noreply.github.com>
AuthorDate: Wed Oct 19 07:44:50 2022 -0300
feat: Disables HTML rendering in Toast by default (#21853)
---
superset-frontend/src/components/MessageToasts/Toast.tsx | 2 +-
superset-frontend/src/components/MessageToasts/types.ts | 2 ++
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/superset-frontend/src/components/MessageToasts/Toast.tsx b/superset-frontend/src/components/MessageToasts/Toast.tsx
index 82a57e199d..0a1a93d92a 100644
--- a/superset-frontend/src/components/MessageToasts/Toast.tsx
+++ b/superset-frontend/src/components/MessageToasts/Toast.tsx
@@ -97,7 +97,7 @@ export default function Toast({ toast, onCloseToast }: ToastPresenterProps) {
role="alert"
>
{icon}
- <Interweave content={toast.text} />
+ <Interweave content={toast.text} noHtml={!toast.allowHtml} />
<i
className="fa fa-close pull-right pointer"
role="button"
diff --git a/superset-frontend/src/components/MessageToasts/types.ts b/superset-frontend/src/components/MessageToasts/types.ts
index cd41927847..fd4b27074b 100644
--- a/superset-frontend/src/components/MessageToasts/types.ts
+++ b/superset-frontend/src/components/MessageToasts/types.ts
@@ -31,4 +31,6 @@ export interface ToastMeta {
/** Whether to skip displaying this message if there are another toast
* with the same message. */
noDuplicate?: boolean;
+ /** For security reasons, HTML rendering is disabled by default. Use this property to enable it. */
+ allowHtml?: boolean;
}